Blue screen of death

Posted: 10 Sep 2014 18:19
by Petuchucka
Hello, after reinstalling Windows I managed not to install an antivirus and worked like that for about 3 months (yes, dumb blonde). When the blue screen of death popped up, it all dawned on me; I installed a purchased copy of ESET and started a scan. It removed some viruses, but I suspect not all of them, even though it no longer finds any others. The PC is still slow and nonsensical ads keep popping up (I do have AdBlock). Do you know how to solve this problem? I apologize for this truly embarrassing question, but I am at a loss.

Re: Blue screen of death

Posted: 10 Sep 2014 18:36
by Rudy

Re: Blue screen of death

Posted: 10 Sep 2014 19:18
by Petuchucka
Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2014-09-10 20:14:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 228 GB (48%) free of 477 GB
Total RAM: 3950 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:39, on 10.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SupTab\HpUI.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOASHelper.exe
C:\Program Files (x86)\SupTab\Loader32.exe
C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BrowserAdapter.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOASPRT.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOASPRT.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe
C:\program files (x86)\thetorntv v10\thetorntv v10-bg.exe
C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VEETFHQ
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VEETFHQ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VEETFHQ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... XX5VEETFHQ
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0063311 - {11111111-1111-1111-1111-110611331111} - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3E.EXE /EPT "EPLTarget\P0000000000000000" /M "WP-4535 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\ProgramData\IePluginServices\PluginService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc - C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\updateWebSpades.exe
O23 - Service: Util WebSpades - Unknown owner - C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13544 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\ProgramData\IePluginServices\PluginService.exe -service
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {BDA6A462-C39C-466B-9B67-95E278D35618}
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Windows\system32\rundll32.exe" "c:\progra~2\gssupp~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~2\gssupp~1\AssistantSvc.dll",service
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\WebSpades\updateWebSpades.exe"
"C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe" -monitor 460
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetynut.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\SupTab\HpUI.exe"
"C:\Program Files (x86)\WebSpades\bin\WebSpades.PurBrowse64.exe" /l false /s false /c "WebSpades" /t "C:\Program Files (x86)\WebSpades\bin\TEMP" /i "http://apiwebspadesinfo-a.akamaihd.net/ ... 0000000000" /d {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64 /p 26565ee9-6e0f-4a7a-a7c0-5ee9f2d45f97:chrome /p b61cff52-46b5-48c0-aeac-ff25b1e9b023:iexplore
\??\C:\Windows\system32\conhost.exe "20506020691913120368-1328735337-21121094441115537129-1642040464-1386645482-28978878
/w 910 /h 100 /cg 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /gc 0 /ff 0 /ie 0 /is fmxqtcz
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\SupTab\Loader32.exe"
"C:\Program Files (x86)\SupTab\Loader64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\Apoint\Apvfb.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-11198803151591792030-754869498-1878562485-118208204915492058331358421705-1800616128
"C:\Windows\System32\spool\drivers\x64\3\E_YATIH3E.EXE" /EPT "EPLTarget\P0000000000000000" /M "WP-4535 Series"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe"
"C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="908.0.1463521386\595762479" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.250.18.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
/c 26565ee9-6e0f-4a7a-a7c0-5ee9f2d45f97 /i b61cff52-46b5-48c0-aeac-ff25b1e9b023 /z "n=WebSpades&is=fmxqtcz&dpt=20"
/c 26565ee9-6e0f-4a7a-a7c0-5ee9f2d45f97 /i b61cff52-46b5-48c0-aeac-ff25b1e9b023 /z "n=WebSpades&is=fmxqtcz&dpt=20"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istartsurf.com/?type=hp&ts=1 ... XX5VEETFHQ
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3396.0.1410182069\1341271346" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.250.18.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOASPRT.exe" /w 910 /h 100 /hw 197558 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe" /w 910 /h 100 /hw 197558 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz /bt 0 /ps \\.\pipe\boa{EF4D40CE-7AEC-4A95-9157-F195C2C5D922} /bv 37
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3396.2.248431020\417344499" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3396.3.975355690\1695522036" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3396.6.157994836\1159417555" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3396.11.429093877\1570140234" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe" /w 910 /h 100 /hw 5374582 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz /bt 0 /ps \\.\pipe\boa{DD8DA00B-F854-4690-9393-E595E008E81D} /bv 37
"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\PC\Downloads\ecblank.gif
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe" /w 910 /h 100 /hw 197842 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz /bt 0 /ps \\.\pipe\boa{E313BDF5-0834-4A1B-88EC-991202231982} /bv 37
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOASPRT.exe" /w 910 /h 100 /hw 1049724 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe" /w 910 /h 100 /hw 1049724 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz /bt 2 /ps \\.\pipe\boa{56291B66-169A-4A5A-8F46-983E158A4550} /bv 11
"C:\program files (x86)\thetorntv v10\thetorntv v10-bg.exe" /createbg
"C:\Program Files (x86)\WebSpades\bin\WebSpades.BOAS.exe" /w 910 /h 100 /hw 1181026 /g 98e9a439-6c2c-4e67-8a8f-eaa41fe411a1 /is fmxqtcz /bt 0 /ps \\.\pipe\boa{EAA0B20A-F03B-4F58-9951-CCBD5F00F8FB} /bv 37
"C:\Program Files (x86)\iTunes\iTunes.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe" --pipe \\.\pipe\303956491955518465235315692 --parentPipe
\??\C:\Windows\system32\conhost.exe "-668308707-258954695-964938661-18058863291714449732-946330798-528869617-590507383
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe"
\??\C:\Windows\system32\conhost.exe "-169183701415115660231523348194-1046834014-1031508001950454272-41310377-914087997
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe" --pipe \\.\pipe\303956501734892809415692R \\.\pipe\303956501734892809415692W --target 3e2e90867760fea0c8a3649a503dc9fba1ba9b6f --library 1E88E21FC4D1C62C
\??\C:\Windows\system32\conhost.exe "-953091615-46867483913945177811271666405-1578884252-18213044659511628811811035343
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
\??\C:\Windows\system32\conhost.exe "153542698221276989271525377165-1404287013-810385462-770184546-195144769-1248659566
"taskhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3396.169.732355116\1252111380" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5092 CREDAT:340994 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3396.170.1089524455\1875683422" /prefetch:673131151
"C:\Users\PC\Downloads\RSITx64 (1).exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-1.job - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-codedownloader.exe /reinstallapp /runfrom=task /agentregpath='TheTorntv V10' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /codedownloaddomain=http://cr.install-daddy.com /defbro=ch /crregname='TheTorntv V10' /fbcodedownloaddomain=http://cr.install-daddy.com /allusers /addinfojson='{"asw":[0, 5, 0],"browser_name":"__BROWSER_NAME__"}' /autoupdateulr='http://update.inputgenserv.com/ie_code_ ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-11.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-11.exe /rawdata=[encoded data removed]
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-2.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-2.exe /enablebho /agentregpath='TheTorntv V10' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /bhoguid=11111111-1111-1111-1111-110611331111 /defbro=ch /allusers /autoupdateulr='http://update.inputgenserv.com/ie_enabl ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-3.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-3.exe /rawdata=[encoded data removed]
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-4.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-4.exe /installxpi /agentregpath='TheTorntv V10' /extensionfilepath='C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca.xpi' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /waitforbrowser=300 /extensionid=a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com /extensionversion=0.95 /prefsbranch=aa338c5448f724f94af2f11cc4cdd6788a64e7ca7d83cb2cdcom63311 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /63311.rdf /extensionname='TheTorntv V10' /extensiondesc='The must-have App extensions for Television fans! Watch free TV channels, live sports and more' /publishername='esc' /defbro=ch /sid=S-1-5-21-3726450706-3269888690-392598298-1000 /addinfojson='{"asw":[0, 5, 0],"browser_name":"__BROWSER_NAME__"}' /allusers /allprofiles /checkfflist /autoupdateulr='http://update.inputgenserv.com/ff_agent ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-5.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-5.exe /runupdater /agentregpath='TheTorntv V10' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /geoserviceurl=http://ipgeoapi.com/ /updatejsondomain=http://update.inputgenserv.com /sid=S-1-5-21-3726450706-3269888690-392598298-1000 /updaterversion=6 /monetizationdomain=http://logs.inputgenserv.com /autoupdateulr='http://update.inputgenserv.com/updater_ ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-5_user.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-5.exe /runupdater /agentregpath='TheTorntv V10' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /geoserviceurl=http://ipgeoapi.com/ /updatejsondomain=http://update.inputgenserv.com /sid=S-1-5-21-3726450706-3269888690-392598298-1000 /updaterversion=6 /monetizationdomain=http://logs.inputgenserv.com /autoupdateulr='http://update.inputgenserv.com/updater_ ... pdate.json' /usertask /runfrom='task' /externallog=''
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-6.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-6.exe /agentregpath='TheTorntv V10-nv' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /codedownloaddomain=http://cr.install-daddy.com /defbro=ch /DllName32ToInjectToChrome='076d8b5f-a755-4da5-a5ba-cbb57f301128.dll' /DllName64ToInjectToChrome='ed41810f-e3c5-4fa9-b719-90c46eeb999d.dll' /nova64bitexe='67f5d581-0608-49a5-aa09-b2e81c02ddca-64.exe' /browsername='nova' /usehklm /crregname='TheTorntv V10' /fbcodedownloaddomain=http://cr.install-daddy.com /addinfojson='{"asw":[0, 5, 0],"browser_name":"__BROWSER_NAME__"}' /autoupdateulr='http://update.inputgenserv.com/novarun/ ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\67f5d581-0608-49a5-aa09-b2e81c02ddca-7.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-7.exe /updateapp /agentregpath='TheTorntv V10-nv' /appid=63311 /srcid='001823' /subid='0' /zdata='0' /bic=EDF3A33CF79B42F9832A6A71F74A59D8IE /verifier=a48a2af8a0879e3ac2f668c9d771ea26 /installerversion=1_34_08_12 /installerfullversion=1.34.8.12 /installationtime=1408727939 /statsdomain=http://stats.inputgenserv.com /errorsdomain=http://errors.inputgenserv.com /codedownloaddomain=http://cr.install-daddy.com /defbro=ch /DllName32ToInjectToChrome='076d8b5f-a755-4da5-a5ba-cbb57f301128.dll' /DllName64ToInjectToChrome='ed41810f-e3c5-4fa9-b719-90c46eeb999d.dll' /nova64bitexe='67f5d581-0608-49a5-aa09-b2e81c02ddca-64.exe' /browsername='nova' /usehklm /crregname='TheTorntv V10' /fbcodedownloaddomain=http://cr.install-daddy.com /addinfojson='{"asw":[0, 5, 0],"browser_name":"__BROWSER_NAME__"}' /runfrom=task /autoupdateulr='http://update.inputgenserv.com/novacode ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\91d9a72d-c59f-42b3-b3d8-a562ae9da3c4.job - C:\Program Files (x86)\TheTorntv V10\67f5d581-0608-49a5-aa09-b2e81c02ddca-4.exe /rawdata=[encoded data removed]
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726450706-3269888690-392598298-1000Core.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726450706-3269888690-392598298-1000UA.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}]
TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll [2014-08-22 746344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}]
TheTorntv V10 - C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll [2014-08-22 554856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\SupTab\SupTab.dll [2014-08-22 507904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-06 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-09-15 212480]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-06 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"uTorrent"=C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe [2014-08-11 1322832]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3E.EXE [2011-07-19 239488]
"GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-08-30 852808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-29 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"FUFAXRCV"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [2011-03-09 495616]
"FUFAXSTM"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [2011-03-09 856064]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-10 20:08:16 ----D---- C:\rsit
2014-09-10 20:08:16 ----D---- C:\Program Files\trend micro
2014-09-02 21:28:42 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-09-02 21:28:42 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-09-02 20:36:39 ----D---- C:\Windows\SYSWOW64\Wat
2014-09-02 20:36:38 ----D---- C:\Windows\system32\Wat
2014-09-02 20:26:41 ----D---- C:\Program Files\CCleaner
2014-09-02 19:36:30 ----D---- C:\Program Files (x86)\Google
2014-09-02 17:31:38 ----D---- C:\ProgramData\SaveeNeuwaAoppzz
2014-09-02 15:14:42 ----D---- C:\Windows\system32\MRT
2014-09-02 15:14:22 ----A---- C:\Windows\system32\MRT.exe
2014-09-02 14:35:09 ----A---- C:\Windows\system32\browserchoice.exe
2014-09-02 13:44:33 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-09-02 13:44:25 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-09-02 13:44:25 ----A---- C:\Windows\system32\wmi.dll
2014-09-02 13:21:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-02 13:00:24 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-02 13:00:24 ----A---- C:\Windows\system32\tzres.dll
2014-09-02 12:18:26 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-09-02 12:18:26 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-09-02 12:18:26 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-02 12:18:26 ----A---- C:\Windows\system32\icardagt.exe
2014-09-02 12:18:22 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-09-02 12:18:22 ----A---- C:\Windows\system32\icardres.dll
2014-09-02 12:17:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-02 12:17:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-02 11:20:39 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-09-02 11:20:39 ----A---- C:\Windows\system32\poqexec.exe
2014-09-02 10:55:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-02 10:55:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-02 10:55:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-02 10:55:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-02 10:55:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-02 10:55:33 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-02 10:55:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-02 10:55:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-02 10:55:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-02 10:55:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-02 10:55:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-02 10:55:30 ----A---- C:\Windows\system32\iernonce.dll
2014-09-02 10:55:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-02 10:55:27 ----A---- C:\Windows\system32\urlmon.dll
2014-09-02 10:55:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-02 10:55:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-02 10:55:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-02 10:55:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-02 10:55:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-02 10:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-09-02 10:55:24 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-02 10:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-02 10:55:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-02 10:55:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-02 10:55:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-02 10:55:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-02 10:55:20 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-02 10:55:19 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-02 10:55:18 ----A---- C:\Windows\system32\ieui.dll
2014-09-02 10:55:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\ieframe.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\jscript9.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-02 10:55:15 ----A---- C:\Windows\system32\wininet.dll
2014-09-02 10:55:15 ----A---- C:\Windows\system32\vbscript.dll
2014-09-02 10:55:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-02 10:55:14 ----A---- C:\Windows\system32\msrating.dll
2014-09-02 10:55:14 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-02 10:55:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-02 10:55:12 ----A---- C:\Windows\system32\mshtml.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccu32.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccr32.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccp32.dll
2014-09-02 10:49:24 ----A---- C:\Windows\system32\odbctrac.dll
2014-09-02 10:49:22 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-09-02 10:49:22 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-09-02 10:49:21 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-09-02 10:49:21 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-09-02 10:49:20 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-09-02 10:49:09 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-09-02 10:49:09 ----A---- C:\Windows\system32\comctl32.dll
2014-09-02 10:48:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-02 10:48:50 ----A---- C:\Windows\system32\mstscax.dll
2014-09-02 10:48:47 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-09-02 10:48:47 ----A---- C:\Windows\system32\tsgqec.dll
2014-09-02 10:48:47 ----A---- C:\Windows\system32\aaclient.dll
2014-09-02 10:48:46 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-09-02 10:48:01 ----A---- C:\Windows\system32\shell32.dll
2014-09-02 10:47:58 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-02 10:47:44 ----A---- C:\Windows\system32\wintrust.dll
2014-09-02 10:47:43 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-09-02 10:45:25 ----A---- C:\Windows\system32\CPFilters.dll
2014-09-02 10:45:22 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2014-09-02 10:45:19 ----A---- C:\Windows\system32\sbe.dll
2014-09-02 10:45:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2014-09-02 10:44:53 ----A---- C:\Windows\system32\quartz.dll
2014-09-02 10:44:51 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-09-02 10:44:46 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-09-02 10:44:45 ----A---- C:\Windows\system32\qdvd.dll
2014-09-02 10:41:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-09-02 10:41:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-02 10:41:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-09-02 10:41:06 ----A---- C:\Windows\system32\usp10.dll
2014-09-02 10:41:05 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-09-02 10:40:54 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-09-02 10:40:52 ----A---- C:\Windows\system32\webio.dll
2014-09-02 10:28:31 ----A---- C:\Windows\system32\crypt32.dll
2014-09-02 10:28:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-09-02 10:28:30 ----A---- C:\Windows\system32\cryptsvc.dll
2014-09-02 10:28:30 ----A---- C:\Windows\system32\cryptnet.dll
2014-09-02 10:28:29 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-09-02 10:28:29 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-09-02 10:27:50 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-09-02 10:27:50 ----A---- C:\Windows\system32\wer.dll
2014-09-02 10:27:47 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-09-02 10:27:47 ----A---- C:\Windows\system32\imagehlp.dll
2014-09-02 10:27:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-02 10:27:43 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-02 10:27:42 ----A---- C:\Windows\system32\drivers\netio.sys
2014-09-02 10:26:02 ----A---- C:\Windows\system32\msxml6.dll
2014-09-02 10:26:02 ----A---- C:\Windows\system32\msxml3.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-02 10:26:01 ----A---- C:\Windows\system32\msxml6r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\system32\msxml3r.dll
2014-09-02 10:25:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-09-02 10:25:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-09-02 10:25:48 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-02 10:25:48 ----A---- C:\Windows\system32\osk.exe
2014-09-02 10:25:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-09-02 10:25:21 ----A---- C:\Windows\system32\atmlib.dll
2014-09-02 10:25:21 ----A---- C:\Windows\system32\atmfd.dll
2014-09-02 10:25:20 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-09-02 10:25:20 ----A---- C:\Windows\system32\dciman32.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-09-02 10:25:19 ----A---- C:\Windows\system32\lpk.dll
2014-09-02 10:25:19 ----A---- C:\Windows\system32\fontsub.dll
2014-09-02 10:25:16 ----A---- C:\Windows\system32\mfc42u.dll
2014-09-02 10:25:16 ----A---- C:\Windows\system32\mfc42.dll
2014-09-02 10:25:15 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2014-09-02 10:25:14 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-02 10:25:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-09-02 10:25:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-09-02 10:25:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-02 10:25:06 ----A---- C:\Windows\system32\qedit.dll
2014-09-02 10:25:03 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-02 10:25:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-02 10:25:00 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-09-02 10:24:54 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-09-02 10:24:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-09-02 10:24:53 ----A---- C:\Windows\system32\rdpwsx.dll
2014-09-02 10:24:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-02 10:24:40 ----A---- C:\Windows\system32\Wdfres.dll
2014-09-02 10:24:40 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-09-02 10:24:40 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-09-02 10:24:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-09-02 10:24:37 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-09-02 10:24:32 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-09-02 10:24:32 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-09-02 10:24:28 ----A---- C:\Windows\system32\dnsapi.dll
2014-09-02 10:24:27 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-09-02 10:24:27 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-09-02 10:24:27 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-09-02 10:24:26 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2014-09-02 10:22:40 ----A---- C:\Windows\system32\dpnet.dll
2014-09-02 10:22:39 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-09-02 10:22:21 ----A---- C:\Windows\system32\msi.dll
2014-09-02 10:22:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-02 10:22:08 ----A---- C:\Windows\system32\authui.dll
2014-09-02 10:22:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-02 10:22:06 ----A---- C:\Windows\system32\consent.exe
2014-09-02 10:22:06 ----A---- C:\Windows\system32\appinfo.dll
2014-09-02 10:22:05 ----A---- C:\Windows\system32\msihnd.dll
2014-09-02 10:22:04 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-02 10:21:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-09-02 10:21:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-09-02 10:21:03 ----A---- C:\Windows\system32\winlogon.exe
2014-09-02 10:21:02 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-02 10:21:00 ----A---- C:\Windows\system32\objsel.dll
2014-09-02 10:20:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-02 10:20:54 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-09-02 10:20:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-02 10:20:49 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\smss.exe
2014-09-02 10:20:49 ----A---- C:\Windows\system32\dimsroam.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\cngprovider.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\adprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-09-02 10:20:45 ----A---- C:\Windows\system32\csrsrv.dll
2014-09-02 10:20:44 ----A---- C:\Windows\system32\wincredprovider.dll
2014-09-02 10:20:43 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-09-02 10:20:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-09-02 10:20:32 ----A---- C:\Windows\system32\apisetschema.dll
2014-09-02 10:12:15 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-02 10:12:15 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-02 10:12:15 ----A---- C:\Windows\system32\d2d1.dll
2014-09-02 10:12:14 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-09-02 10:11:42 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-02 10:11:42 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-02 10:11:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\cdd.dll
2014-09-02 10:11:28 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-09-02 10:11:24 ----A---- C:\Windows\system32\psisdecd.dll
2014-09-02 10:11:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-09-02 10:11:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-09-02 10:08:01 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-09-02 09:59:13 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-09-02 09:59:13 ----A---- C:\Windows\system32\synceng.dll
2014-09-02 09:58:56 ----A---- C:\Windows\system32\winresume.exe
2014-09-02 09:58:56 ----A---- C:\Windows\system32\winload.exe
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kdusb.dll
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kdcom.dll
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kd1394.dll
2014-09-02 09:58:24 ----A---- C:\Windows\system32\shdocvw.dll
2014-09-02 09:58:23 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-09-02 09:57:20 ----A---- C:\Windows\system32\win32spl.dll
2014-09-02 09:57:19 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-09-02 09:57:13 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-09-02 09:57:13 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\devobj.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2014-09-02 09:57:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-02 09:57:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-02 09:57:01 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-09-02 09:57:01 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\netapi32.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\browser.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\browcli.dll
2014-09-02 09:56:49 ----A---- C:\Windows\system32\kernel32.dll
2014-09-02 09:56:48 ----A---- C:\Windows\system32\wow64win.dll
2014-09-02 09:56:47 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-02 09:56:46 ----A---- C:\Windows\system32\wow64.dll
2014-09-02 09:56:46 ----A---- C:\Windows\system32\winsrv.dll
2014-09-02 09:56:45 ----A---- C:\Windows\system32\conhost.exe
2014-09-02 09:56:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-09-02 09:56:43 ----A---- C:\Windows\system32\ntvdm64.dll
2014-09-02 09:56:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-09-02 09:56:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-02 09:56:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-02 09:56:41 ----A---- C:\Windows\system32\wow64cpu.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-02 09:56:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-02 09:56:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-02 09:56:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-02 09:56:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-02 09:56:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-09-02 09:56:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-09-02 09:56:28 ----A---- C:\Windows\SYSWOW64\user.exe
2014-09-02 09:55:56 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-09-02 09:55:36 ----A---- C:\Windows\system32\inetcomm.dll
2014-09-02 09:55:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-09-02 09:55:12 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-09-02 09:55:12 ----A---- C:\Windows\system32\msvcrt.dll
2014-09-02 09:54:52 ----A---- C:\Windows\system32\certutil.exe
2014-09-02 09:54:51 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-09-02 09:54:46 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-09-02 09:54:46 ----A---- C:\Windows\system32\certenc.dll
2014-09-02 09:52:21 ----A---- C:\Windows\system32\scrrun.dll
2014-09-02 09:52:21 ----A---- C:\Windows\system32\cscript.exe
2014-09-02 09:52:19 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-09-02 09:52:18 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-09-02 09:52:18 ----A---- C:\Windows\system32\wscript.exe
2014-09-02 09:52:17 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-09-02 09:51:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-02 09:51:58 ----A---- C:\Windows\system32\kerberos.dll
2014-09-02 09:51:57 ----A---- C:\Windows\system32\schannel.dll
2014-09-02 09:51:57 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-02 09:51:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-09-02 09:51:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-09-02 09:51:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-09-02 09:51:54 ----A---- C:\Windows\system32\wdigest.dll
2014-09-02 09:51:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-09-02 09:51:53 ----A---- C:\Windows\system32\drivers\cng.sys
2014-09-02 09:51:51 ----A---- C:\Windows\system32\TSpkg.dll
2014-09-02 09:51:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-02 09:51:50 ----A---- C:\Windows\system32\ncrypt.dll
2014-09-02 09:51:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-09-02 09:51:48 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-09-02 09:51:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-09-02 09:51:46 ----A---- C:\Windows\system32\lsass.exe
2014-09-02 09:51:44 ----A---- C:\Windows\system32\sspicli.dll
2014-09-02 09:51:41 ----A---- C:\Windows\system32\secur32.dll
2014-09-02 09:51:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-02 09:51:40 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-09-02 09:51:40 ----A---- C:\Windows\system32\credssp.dll
2014-09-02 09:51:39 ----A---- C:\Windows\system32\sspisrv.dll
2014-09-02 09:51:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-02 09:48:23 ----A---- C:\Windows\system32\localspl.dll
2014-09-02 09:48:10 ----A---- C:\Windows\system32\win32k.sys
2014-09-02 09:48:09 ----A---- C:\Windows\system32\gdi32.dll
2014-09-02 09:48:08 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-02 09:47:59 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-09-02 09:47:45 ----A---- C:\Windows\system32\oleacc.dll
2014-09-02 09:47:44 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-09-02 09:47:44 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-09-02 09:47:44 ----A---- C:\Windows\system32\oleaut32.dll
2014-09-02 09:44:15 ----A---- C:\Windows\system32\EncDec.dll
2014-09-02 09:44:14 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-09-02 09:44:02 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-09-02 09:44:02 ----A---- C:\Windows\system32\DWrite.dll
2014-09-02 09:43:43 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2014-09-02 09:43:39 ----A---- C:\Windows\system32\cdosys.dll
2014-09-02 09:42:17 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-02 09:42:17 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-02 09:42:16 ----A---- C:\Windows\system32\nshwfp.dll
2014-09-02 09:42:15 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-09-02 09:42:13 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-09-02 09:40:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-02 09:40:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-09-02 08:45:34 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-09-02 08:45:34 ----A---- C:\Windows\system32\packager.dll
2014-09-02 07:54:40 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-09-02 07:54:40 ----A---- C:\Windows\system32\rdpcore.dll
2014-09-02 07:54:40 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wups2.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wucltux.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wups.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wudriver.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wuapi.dll
2014-09-01 22:20:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-09-01 22:20:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-09-01 22:20:34 ----A---- C:\Windows\system32\wuwebv.dll
2014-09-01 22:20:34 ----A---- C:\Windows\system32\wuapp.exe
2014-09-01 21:42:19 ----SHD---- C:\Config.Msi
2014-09-01 21:36:26 ----D---- C:\ProgramData\ESET
2014-09-01 21:36:26 ----D---- C:\Program Files\ESET
2014-09-01 13:02:09 ----D---- C:\Users\PC\AppData\Roaming\ESET
2014-08-28 22:34:50 ----D---- C:\Program Files (x86)\ESET
2014-08-28 22:33:47 ----A---- C:\Windows\system32\drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-28 20:20:24 ----D---- C:\Program Files\iPod
2014-08-28 20:20:23 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-28 20:20:23 ----D---- C:\Program Files\iTunes
2014-08-28 20:20:23 ----D---- C:\Program Files (x86)\iTunes
2014-08-26 09:53:06 ----D---- C:\Users\PC\AppData\Roaming\Winamp
2014-08-26 09:53:06 ----D---- C:\Program Files (x86)\Winamp
2014-08-22 20:22:09 ----A---- C:\Windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
2014-08-22 19:22:07 ----D---- C:\Users\PC\AppData\Roaming\Opera Software
2014-08-22 19:21:59 ----D---- C:\Program Files (x86)\Opera
2014-08-22 19:21:49 ----D---- C:\ProgramData\IePluginServices
2014-08-22 19:21:41 ----D---- C:\ProgramData\WindowsMangerProtect
2014-08-22 19:21:38 ----D---- C:\Program Files (x86)\SupTab
2014-08-22 19:20:21 ----D---- C:\Program Files (x86)\WebSpades
2014-08-22 19:19:06 ----D---- C:\Program Files (x86)\globalUpdate
2014-08-22 19:19:04 ----D---- C:\Program Files (x86)\TheTorntv V10
2014-08-11 10:17:37 ----D---- C:\Program Files (x86)\Browser Tab Search by Ask
2014-08-11 10:17:33 ----D---- C:\ProgramData\SafetyNut

======List of files/folders modified in the last 1 month======

2014-09-10 20:13:48 ----D---- C:\Windows\Temp
2014-09-10 20:13:00 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2014-09-10 20:08:16 ----RD---- C:\Program Files
2014-09-10 20:05:45 ----D---- C:\Windows\rescache
2014-09-10 20:03:39 ----D---- C:\Windows\SysWOW64
2014-09-10 20:03:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-10 15:31:43 ----D---- C:\Windows\system32\config
2014-09-10 15:17:01 ----N---- C:\Windows\win.ini
2014-09-09 19:04:04 ----SHD---- C:\Windows\Installer
2014-09-09 19:00:46 ----RD---- C:\Program Files (x86)
2014-09-09 19:00:38 ----D---- C:\Windows\system32\drivers
2014-09-08 21:13:06 ----D---- C:\ProgramData\Skype
2014-09-08 21:13:05 ----RD---- C:\Program Files (x86)\Skype
2014-09-08 21:13:05 ----D---- C:\Program Files (x86)\Common Files
2014-09-08 21:12:56 ----D---- C:\Users\PC\AppData\Roaming\Skype
2014-09-08 18:33:46 ----D---- C:\Windows\Prefetch
2014-09-05 19:18:33 ----D---- C:\Windows\Microsoft.NET
2014-09-04 08:02:32 ----D---- C:\Windows\system32\wdi
2014-09-03 20:55:50 ----RSD---- C:\Windows\assembly
2014-09-03 16:34:08 ----D---- C:\Windows\winsxs
2014-09-03 16:31:59 ----D---- C:\Windows
2014-09-03 16:31:13 ----D---- C:\Windows\system32\DriverStore
2014-09-03 16:31:12 ----D---- C:\Windows\System32
2014-09-03 16:31:04 ----D---- C:\Windows\inf
2014-09-03 07:35:32 ----D---- C:\ProgramData\Microsoft Help
2014-09-02 21:46:50 ----D---- C:\Windows\system32\NDF
2014-09-02 20:50:23 ----D---- C:\Windows\system32\catroot
2014-09-02 20:34:12 ----D---- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-09-02 20:33:54 ----D---- C:\Windows\Panther
2014-09-02 20:33:53 ----D---- C:\Windows\Minidump
2014-09-02 20:33:53 ----D---- C:\Windows\Logs
2014-09-02 20:33:53 ----D---- C:\Windows\debug
2014-09-02 20:26:48 ----D---- C:\Windows\system32\Tasks
2014-09-02 20:21:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-02 20:09:12 ----D---- C:\Windows\system32\catroot2
2014-09-02 20:06:11 ----D---- C:\Windows\ehome
2014-09-02 20:06:10 ----D---- C:\Program Files\Common Files\System
2014-09-02 20:06:09 ----D---- C:\Program Files\Windows Journal
2014-09-02 20:05:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-02 20:05:55 ----D---- C:\Windows\system32\cs-CZ
2014-09-02 20:05:51 ----D---- C:\Program Files\Windows Defender
2014-09-02 20:05:51 ----D---- C:\Program Files (x86)\Windows Defender
2014-09-02 20:05:48 ----D---- C:\Windows\system32\wbem
2014-09-02 20:05:33 ----D---- C:\Windows\system32\Boot
2014-09-02 20:05:23 ----D---- C:\Windows\AppPatch
2014-09-02 20:05:20 ----D---- C:\Program Files\Internet Explorer
2014-09-02 20:05:19 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-02 20:05:17 ----D---- C:\Windows\system32\en-US
2014-09-02 20:05:17 ----D---- C:\Windows\PolicyDefinitions
2014-09-02 20:05:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-02 19:36:43 ----D---- C:\Windows\Tasks
2014-09-02 17:32:58 ----D---- C:\ProgramData\6979bd296c75c2fc
2014-09-02 17:31:38 ----HD---- C:\ProgramData
2014-09-02 16:36:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-02 12:35:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-02 12:22:26 ----D---- C:\Windows\SoftwareDistribution
2014-09-02 11:53:05 ----D---- C:\Windows\AutoKMS
2014-09-01 22:45:21 ----D---- C:\Windows\system32\LogFiles
2014-09-01 22:09:50 ----SD---- C:\ProgramData\Microsoft
2014-08-31 20:18:55 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2014-08-28 23:28:18 ----D---- C:\ProgramData\TakeTTheuCoupoin
2014-08-28 23:28:13 ----D---- C:\ProgramData\ShopDrop
2014-08-28 23:28:11 ----D---- C:\ProgramData\SaveNewwAAppz
2014-08-28 23:28:09 ----D---- C:\ProgramData\EnJoiyCoupon
2014-08-28 23:28:07 ----D---- C:\ProgramData\EEnjjoyCouipon
2014-08-28 23:28:05 ----D---- C:\ProgramData\DealExppress
2014-08-26 19:53:39 ----D---- C:\Users\PC\AppData\Roaming\vlc

Re: Blue Screen of Death

Posted: 10 Sep 2014 19:18
by Petuchucka
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64;{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64; C:\Windows\system32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys [2014-08-21 61120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-06 283064]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimssne64.sys [2010-09-08 94208]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-11-29 13201920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-11-29 624128]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-09-15 299568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-09 1394176]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 11392]
R3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784]
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner; \??\C:\Windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [2014-09-01 157384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-11-29 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 e9f32388;GS Supporter; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 IePluginServices;IePlugin Services; C:\ProgramData\IePluginServices\PluginService.exe [2014-08-22 694784]
R2 SafetyNutManager;SafetyNut Manager; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [2014-04-27 3544072]
R2 Update WebSpades;Update WebSpades; C:\Program Files (x86)\WebSpades\updateWebSpades.exe [2014-09-04 323360]
R2 Util WebSpades;Util WebSpades; C:\Program Files (x86)\WebSpades\bin\utilWebSpades.exe [2014-09-04 323360]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-31 217968]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2014-08-22 528896]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-22 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-22 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-02 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------
Thank you very much :)

Re: Blue Screen of Death

Posted: 10 Sep 2014 20:06
by Rudy
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Blue Screen of Death

Posted: 11 Sep 2014 17:11
by Petuchucka
# AdwCleaner v3.309 - Report created 11/09/2014 at 18:05:45
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : PC - VAIO
# Running from : C:\Users\PC\Downloads\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : e9f32388
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : IePluginServices
[#] Service Deleted : SafetyNutManager
[#] Service Deleted : Update WebSpades
[#] Service Deleted : Util WebSpades
Service Deleted : WindowsMangerProtect
Service Deleted : {ed7eb956-75ed-460d-8f69-29a93b07afd1}w64

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\ShopDroP
Folder Deleted : C:\ProgramData\SuperbApp
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\DealExppress
Folder Deleted : C:\ProgramData\EEnjjoyCouipon
Folder Deleted : C:\ProgramData\EnJoiyCoupon
Folder Deleted : C:\ProgramData\SaveeNeuwaAoppzz
Folder Deleted : C:\ProgramData\SaveNewwAAppz
Folder Deleted : C:\ProgramData\TakeTTheuCoupoin
[!] Folder Deleted : C:\Program Files (x86)\Browser Tab Search by Ask
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\gs supporter
Folder Deleted : C:\Program Files (x86)\SupTab
[!] Folder Deleted : C:\Program Files (x86)\WebSpades
Folder Deleted : C:\Program Files (x86)\TheTorntv V10
[!] Folder Deleted : C:\Program Files (x86)\WebSpades
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\PC\AppData\Local\globalUpdate
Folder Deleted : C:\Users\PC\AppData\Local\torch
Folder Deleted : C:\Users\PC\AppData\LocalLow\TheTorntv V10
Folder Deleted : C:\Users\PC\Documents\Mobogenie
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\CT1750559
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\ah2v9zj@u-djojak.net
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\hpa4uyoyoo@mtiy-nfe.net
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\pjieuoozk@p-cv.com
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\r6w8e1@ye-elav.co.uk
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\ue82e@eeeoiu.edu
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\ylngd@ieao-edst.net
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnamonjmceacknhhdfgcdmgfgbpegpkh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnamonjmceacknhhdfgcdmgfgbpegpkh
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnamonjmceacknhhdfgcdmgfgbpegpkh
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnamonjmceacknhhdfgcdmgfgbpegpkh
File Deleted : C:\Windows\System32\drivers\{ed7eb956-75ed-460d-8f69-29a93b07afd1}w64.sys
File Deleted : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\searchplugins\bingp.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml
File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-1
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-11
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-2
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-3
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-4
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-5
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-5_user
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-6
Task Deleted : 67f5d581-0608-49a5-aa09-b2e81c02ddca-7
Task Deleted : 91d9a72d-c59f-42b3-b3d8-a562ae9da3c4

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebSpades_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebSpades_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateWebSpades_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateWebSpades_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilWebSpades_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilWebSpades_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update WebSpades
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util WebSpades
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{e9f32388}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0063311.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611331111}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\WebSpades
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\WebSpades
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebSpades
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\ftd8b5ix.default\prefs.js ]

Line Deleted : user_pref("CT1750559.FF19Solved", "true");
Line Deleted : user_pref("CT1750559.UserID", "UN35583415131083521");
Line Deleted : user_pref("CT1750559.dum", "2");
Line Deleted : user_pref("CT1750559.fullUserID", "UN35583415131083521.IN.20140407203317");
Line Deleted : user_pref("CT1750559.installDate", "07/04/2014 20:33:18");
Line Deleted : user_pref("CT1750559.installSessionId", "a944dc7d-0aa5-4eaf-a880-a5b9657a470d");
Line Deleted : user_pref("CT1750559.installSp", "FALSE");
Line Deleted : user_pref("CT1750559.installUsage", "07/04/2014 20:41:20");
Line Deleted : user_pref("CT1750559.installUsageEarly", "07/04/2014 20:41:20");
Line Deleted : user_pref("CT1750559.installerVersion", "1.10.0.6");
Line Deleted : user_pref("CT1750559.searchRevert", "false");
Line Deleted : user_pref("CT1750559.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT1750559.searchUserMode", "1");
Line Deleted : user_pref("CT1750559.toolbarInstallDate", "07-04-2014 20:33:17");
Line Deleted : user_pref("CT1750559.versionFromInstaller", "10.29.0.20");
Line Deleted : user_pref("CT1750559.xpeMode", "1");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www.istartsurf.com/newtab/?type=nt&ts=1 ... XX5VEETFHQ");
Line Deleted : user_pref("browser.search.defaultenginename", "istartsurf");
Line Deleted : user_pref("browser.search.selectedEngine", "istartsurf");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=14087280 ... XX5VEETFHQ");

-\\ Google Chrome v37.0.2062.103

[ File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=210&systemid=488&v=r12521-436&apn_uid=3454530214814195&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}

*************************

AdwCleaner[R0].txt - [30993 octets] - [11/09/2014 18:04:17]
AdwCleaner[S0].txt - [26669 octets] - [11/09/2014 18:05:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26730 octets] ##########

Re: Blue Screen of Death

Posted: 11 Sep 2014 18:01
by Rudy
Post a new RSIT log.

Re: Blue Screen of Death

Posted: 11 Sep 2014 18:11
by Petuchucka
Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2014-09-11 19:10:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 225 GB (47%) free of 477 GB
Total RAM: 3950 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:10:48, on 11.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3E.EXE /EPT "EPLTarget\P0000000000000000" /M "WP-4535 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10091 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {C26E7BE7-143C-433A-B417-FB3C3A8425BB}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Windows\System32\spool\drivers\x64\3\E_YATIH3E.EXE" /EPT "EPLTarget\P0000000000000000" /M "WP-4535 Series"
"Apntex.exe"
"C:\Program Files\Apoint\Apvfb.exe"
\??\C:\Windows\system32\conhost.exe "2091437052936127900143177438621168974192124424714-1306237168-1150306112139259086
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe"
"C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3064.0.1034007253\365229114" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.250.18.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.1.983039157\1146749782" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.2.1101983203\470600307" /prefetch:673131151
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.9.1925083862\447175558" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3064.10.591050673\1617970927" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.13.1728887308\939541493" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\splwow64.exe 12288
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.23.1011219959\165251955" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.26.1601439145\616487805" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.28.1535682747\1068549313" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="3064.31.2033401578\1156549908" /prefetch:673131151
"C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe" "C:\Users\PC\Downloads\Diana.2013. HDRip XViD NO1KNOWS\Diana.2013. HDRip XViD NO1KNOWS.avi"

taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\PC\Downloads\RSITx64 (2).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726450706-3269888690-392598298-1000Core.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726450706-3269888690-392598298-1000UA.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-06 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-09-15 212480]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-06 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"uTorrent"=C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe [2014-08-11 1322832]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3E.EXE [2011-07-19 239488]
"GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-08-30 852808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-29 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"FUFAXRCV"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [2011-03-09 495616]
"FUFAXSTM"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [2011-03-09 856064]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-11 18:05:17 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-11 18:04:12 ----D---- C:\AdwCleaner
2014-09-10 20:08:16 ----D---- C:\rsit
2014-09-10 20:08:16 ----D---- C:\Program Files\trend micro
2014-09-02 21:28:42 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-09-02 21:28:42 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-09-02 20:36:39 ----D---- C:\Windows\SYSWOW64\Wat
2014-09-02 20:36:38 ----D---- C:\Windows\system32\Wat
2014-09-02 20:26:41 ----D---- C:\Program Files\CCleaner
2014-09-02 19:36:30 ----D---- C:\Program Files (x86)\Google
2014-09-02 15:14:42 ----D---- C:\Windows\system32\MRT
2014-09-02 15:14:22 ----A---- C:\Windows\system32\MRT.exe
2014-09-02 14:35:09 ----A---- C:\Windows\system32\browserchoice.exe
2014-09-02 13:44:33 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-09-02 13:44:25 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-09-02 13:44:25 ----A---- C:\Windows\system32\wmi.dll
2014-09-02 13:21:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-02 13:00:24 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-02 13:00:24 ----A---- C:\Windows\system32\tzres.dll
2014-09-02 12:18:26 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-09-02 12:18:26 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-09-02 12:18:26 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-02 12:18:26 ----A---- C:\Windows\system32\icardagt.exe
2014-09-02 12:18:22 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-09-02 12:18:22 ----A---- C:\Windows\system32\icardres.dll
2014-09-02 12:17:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-02 12:17:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-02 11:20:39 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-09-02 11:20:39 ----A---- C:\Windows\system32\poqexec.exe
2014-09-02 10:55:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-02 10:55:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-02 10:55:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-02 10:55:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-02 10:55:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-02 10:55:33 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-02 10:55:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-02 10:55:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-02 10:55:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-02 10:55:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-02 10:55:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-02 10:55:30 ----A---- C:\Windows\system32\iernonce.dll
2014-09-02 10:55:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-02 10:55:27 ----A---- C:\Windows\system32\urlmon.dll
2014-09-02 10:55:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-02 10:55:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-02 10:55:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-02 10:55:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-02 10:55:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-02 10:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-09-02 10:55:24 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-02 10:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-02 10:55:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-02 10:55:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-02 10:55:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-02 10:55:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-02 10:55:20 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-02 10:55:19 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-02 10:55:18 ----A---- C:\Windows\system32\ieui.dll
2014-09-02 10:55:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\ieframe.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\jscript9.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-02 10:55:15 ----A---- C:\Windows\system32\wininet.dll
2014-09-02 10:55:15 ----A---- C:\Windows\system32\vbscript.dll
2014-09-02 10:55:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-02 10:55:14 ----A---- C:\Windows\system32\msrating.dll
2014-09-02 10:55:14 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-02 10:55:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-02 10:55:12 ----A---- C:\Windows\system32\mshtml.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccu32.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccr32.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccp32.dll
2014-09-02 10:49:24 ----A---- C:\Windows\system32\odbctrac.dll
2014-09-02 10:49:22 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-09-02 10:49:22 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-09-02 10:49:21 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-09-02 10:49:21 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-09-02 10:49:20 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-09-02 10:49:09 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-09-02 10:49:09 ----A---- C:\Windows\system32\comctl32.dll
2014-09-02 10:48:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-02 10:48:50 ----A---- C:\Windows\system32\mstscax.dll
2014-09-02 10:48:47 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-09-02 10:48:47 ----A---- C:\Windows\system32\tsgqec.dll
2014-09-02 10:48:47 ----A---- C:\Windows\system32\aaclient.dll
2014-09-02 10:48:46 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-09-02 10:48:01 ----A---- C:\Windows\system32\shell32.dll
2014-09-02 10:47:58 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-02 10:47:44 ----A---- C:\Windows\system32\wintrust.dll
2014-09-02 10:47:43 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-09-02 10:45:25 ----A---- C:\Windows\system32\CPFilters.dll
2014-09-02 10:45:22 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2014-09-02 10:45:19 ----A---- C:\Windows\system32\sbe.dll
2014-09-02 10:45:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2014-09-02 10:44:53 ----A---- C:\Windows\system32\quartz.dll
2014-09-02 10:44:51 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-09-02 10:44:46 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-09-02 10:44:45 ----A---- C:\Windows\system32\qdvd.dll
2014-09-02 10:41:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-09-02 10:41:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-02 10:41:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-09-02 10:41:06 ----A---- C:\Windows\system32\usp10.dll
2014-09-02 10:41:05 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-09-02 10:40:54 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-09-02 10:40:52 ----A---- C:\Windows\system32\webio.dll
2014-09-02 10:28:31 ----A---- C:\Windows\system32\crypt32.dll
2014-09-02 10:28:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-09-02 10:28:30 ----A---- C:\Windows\system32\cryptsvc.dll
2014-09-02 10:28:30 ----A---- C:\Windows\system32\cryptnet.dll
2014-09-02 10:28:29 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-09-02 10:28:29 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-09-02 10:27:50 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-09-02 10:27:50 ----A---- C:\Windows\system32\wer.dll
2014-09-02 10:27:47 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-09-02 10:27:47 ----A---- C:\Windows\system32\imagehlp.dll
2014-09-02 10:27:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-02 10:27:43 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-02 10:27:42 ----A---- C:\Windows\system32\drivers\netio.sys
2014-09-02 10:26:02 ----A---- C:\Windows\system32\msxml6.dll
2014-09-02 10:26:02 ----A---- C:\Windows\system32\msxml3.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-02 10:26:01 ----A---- C:\Windows\system32\msxml6r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\system32\msxml3r.dll
2014-09-02 10:25:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-09-02 10:25:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-09-02 10:25:48 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-02 10:25:48 ----A---- C:\Windows\system32\osk.exe
2014-09-02 10:25:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-09-02 10:25:21 ----A---- C:\Windows\system32\atmlib.dll
2014-09-02 10:25:21 ----A---- C:\Windows\system32\atmfd.dll
2014-09-02 10:25:20 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-09-02 10:25:20 ----A---- C:\Windows\system32\dciman32.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-09-02 10:25:19 ----A---- C:\Windows\system32\lpk.dll
2014-09-02 10:25:19 ----A---- C:\Windows\system32\fontsub.dll
2014-09-02 10:25:16 ----A---- C:\Windows\system32\mfc42u.dll
2014-09-02 10:25:16 ----A---- C:\Windows\system32\mfc42.dll
2014-09-02 10:25:15 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2014-09-02 10:25:14 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-02 10:25:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-09-02 10:25:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-09-02 10:25:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-02 10:25:06 ----A---- C:\Windows\system32\qedit.dll
2014-09-02 10:25:03 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-02 10:25:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-02 10:25:00 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-09-02 10:24:54 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-09-02 10:24:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-09-02 10:24:53 ----A---- C:\Windows\system32\rdpwsx.dll
2014-09-02 10:24:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-02 10:24:40 ----A---- C:\Windows\system32\Wdfres.dll
2014-09-02 10:24:40 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-09-02 10:24:40 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-09-02 10:24:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-09-02 10:24:37 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-09-02 10:24:32 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-09-02 10:24:32 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-09-02 10:24:28 ----A---- C:\Windows\system32\dnsapi.dll
2014-09-02 10:24:27 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-09-02 10:24:27 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-09-02 10:24:27 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-09-02 10:24:26 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2014-09-02 10:22:40 ----A---- C:\Windows\system32\dpnet.dll
2014-09-02 10:22:39 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-09-02 10:22:21 ----A---- C:\Windows\system32\msi.dll
2014-09-02 10:22:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-02 10:22:08 ----A---- C:\Windows\system32\authui.dll
2014-09-02 10:22:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-02 10:22:06 ----A---- C:\Windows\system32\consent.exe
2014-09-02 10:22:06 ----A---- C:\Windows\system32\appinfo.dll
2014-09-02 10:22:05 ----A---- C:\Windows\system32\msihnd.dll
2014-09-02 10:22:04 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-02 10:21:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-09-02 10:21:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-09-02 10:21:03 ----A---- C:\Windows\system32\winlogon.exe
2014-09-02 10:21:02 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-02 10:21:00 ----A---- C:\Windows\system32\objsel.dll
2014-09-02 10:20:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-02 10:20:54 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-09-02 10:20:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-02 10:20:49 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\smss.exe
2014-09-02 10:20:49 ----A---- C:\Windows\system32\dimsroam.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\cngprovider.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\adprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-09-02 10:20:45 ----A---- C:\Windows\system32\csrsrv.dll
2014-09-02 10:20:44 ----A---- C:\Windows\system32\wincredprovider.dll
2014-09-02 10:20:43 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-09-02 10:20:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-09-02 10:20:32 ----A---- C:\Windows\system32\apisetschema.dll
2014-09-02 10:12:15 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-02 10:12:15 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-02 10:12:15 ----A---- C:\Windows\system32\d2d1.dll
2014-09-02 10:12:14 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-09-02 10:11:42 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-02 10:11:42 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-02 10:11:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\cdd.dll
2014-09-02 10:11:28 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-09-02 10:11:24 ----A---- C:\Windows\system32\psisdecd.dll
2014-09-02 10:11:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-09-02 10:11:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-09-02 10:08:01 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-09-02 09:59:13 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-09-02 09:59:13 ----A---- C:\Windows\system32\synceng.dll
2014-09-02 09:58:56 ----A---- C:\Windows\system32\winresume.exe
2014-09-02 09:58:56 ----A---- C:\Windows\system32\winload.exe
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kdusb.dll
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kdcom.dll
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kd1394.dll
2014-09-02 09:58:24 ----A---- C:\Windows\system32\shdocvw.dll
2014-09-02 09:58:23 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-09-02 09:57:20 ----A---- C:\Windows\system32\win32spl.dll
2014-09-02 09:57:19 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-09-02 09:57:13 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-09-02 09:57:13 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\devobj.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2014-09-02 09:57:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-02 09:57:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-02 09:57:01 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-09-02 09:57:01 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\netapi32.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\browser.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\browcli.dll
2014-09-02 09:56:49 ----A---- C:\Windows\system32\kernel32.dll
2014-09-02 09:56:48 ----A---- C:\Windows\system32\wow64win.dll
2014-09-02 09:56:47 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-02 09:56:46 ----A---- C:\Windows\system32\wow64.dll
2014-09-02 09:56:46 ----A---- C:\Windows\system32\winsrv.dll
2014-09-02 09:56:45 ----A---- C:\Windows\system32\conhost.exe
2014-09-02 09:56:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-09-02 09:56:43 ----A---- C:\Windows\system32\ntvdm64.dll
2014-09-02 09:56:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-09-02 09:56:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-02 09:56:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-02 09:56:41 ----A---- C:\Windows\system32\wow64cpu.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-02 09:56:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-02 09:56:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-02 09:56:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-02 09:56:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-02 09:56:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-09-02 09:56:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-09-02 09:56:28 ----A---- C:\Windows\SYSWOW64\user.exe
2014-09-02 09:55:56 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-09-02 09:55:36 ----A---- C:\Windows\system32\inetcomm.dll
2014-09-02 09:55:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-09-02 09:55:12 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-09-02 09:55:12 ----A---- C:\Windows\system32\msvcrt.dll
2014-09-02 09:54:52 ----A---- C:\Windows\system32\certutil.exe
2014-09-02 09:54:51 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-09-02 09:54:46 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-09-02 09:54:46 ----A---- C:\Windows\system32\certenc.dll
2014-09-02 09:52:21 ----A---- C:\Windows\system32\scrrun.dll
2014-09-02 09:52:21 ----A---- C:\Windows\system32\cscript.exe
2014-09-02 09:52:19 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-09-02 09:52:18 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-09-02 09:52:18 ----A---- C:\Windows\system32\wscript.exe
2014-09-02 09:52:17 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-09-02 09:51:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-02 09:51:58 ----A---- C:\Windows\system32\kerberos.dll
2014-09-02 09:51:57 ----A---- C:\Windows\system32\schannel.dll
2014-09-02 09:51:57 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-02 09:51:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-09-02 09:51:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-09-02 09:51:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-09-02 09:51:54 ----A---- C:\Windows\system32\wdigest.dll
2014-09-02 09:51:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-09-02 09:51:53 ----A---- C:\Windows\system32\drivers\cng.sys
2014-09-02 09:51:51 ----A---- C:\Windows\system32\TSpkg.dll
2014-09-02 09:51:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-02 09:51:50 ----A---- C:\Windows\system32\ncrypt.dll
2014-09-02 09:51:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-09-02 09:51:48 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-09-02 09:51:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-09-02 09:51:46 ----A---- C:\Windows\system32\lsass.exe
2014-09-02 09:51:44 ----A---- C:\Windows\system32\sspicli.dll
2014-09-02 09:51:41 ----A---- C:\Windows\system32\secur32.dll
2014-09-02 09:51:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-02 09:51:40 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-09-02 09:51:40 ----A---- C:\Windows\system32\credssp.dll
2014-09-02 09:51:39 ----A---- C:\Windows\system32\sspisrv.dll
2014-09-02 09:51:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-02 09:48:23 ----A---- C:\Windows\system32\localspl.dll
2014-09-02 09:48:10 ----A---- C:\Windows\system32\win32k.sys
2014-09-02 09:48:09 ----A---- C:\Windows\system32\gdi32.dll
2014-09-02 09:48:08 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-02 09:47:59 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-09-02 09:47:45 ----A---- C:\Windows\system32\oleacc.dll
2014-09-02 09:47:44 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-09-02 09:47:44 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-09-02 09:47:44 ----A---- C:\Windows\system32\oleaut32.dll
2014-09-02 09:44:15 ----A---- C:\Windows\system32\EncDec.dll
2014-09-02 09:44:14 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-09-02 09:44:02 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-09-02 09:44:02 ----A---- C:\Windows\system32\DWrite.dll
2014-09-02 09:43:43 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2014-09-02 09:43:39 ----A---- C:\Windows\system32\cdosys.dll
2014-09-02 09:42:17 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-02 09:42:17 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-02 09:42:16 ----A---- C:\Windows\system32\nshwfp.dll
2014-09-02 09:42:15 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-09-02 09:42:13 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-09-02 09:40:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-02 09:40:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-09-02 08:45:34 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-09-02 08:45:34 ----A---- C:\Windows\system32\packager.dll
2014-09-02 07:54:40 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-09-02 07:54:40 ----A---- C:\Windows\system32\rdpcore.dll
2014-09-02 07:54:40 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wups2.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wucltux.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wups.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wudriver.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wuapi.dll
2014-09-01 22:20:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-09-01 22:20:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-09-01 22:20:34 ----A---- C:\Windows\system32\wuwebv.dll
2014-09-01 22:20:34 ----A---- C:\Windows\system32\wuapp.exe
2014-09-01 21:42:19 ----SHD---- C:\Config.Msi
2014-09-01 21:36:26 ----D---- C:\ProgramData\ESET
2014-09-01 21:36:26 ----D---- C:\Program Files\ESET
2014-09-01 13:02:09 ----D---- C:\Users\PC\AppData\Roaming\ESET
2014-08-28 22:34:50 ----D---- C:\Program Files (x86)\ESET
2014-08-28 22:33:47 ----A---- C:\Windows\system32\drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-28 20:20:24 ----D---- C:\Program Files\iPod
2014-08-28 20:20:23 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-28 20:20:23 ----D---- C:\Program Files\iTunes
2014-08-28 20:20:23 ----D---- C:\Program Files (x86)\iTunes
2014-08-26 09:53:06 ----D---- C:\Users\PC\AppData\Roaming\Winamp
2014-08-26 09:53:06 ----D---- C:\Program Files (x86)\Winamp
2014-08-22 19:22:07 ----D---- C:\Users\PC\AppData\Roaming\Opera Software
2014-08-22 19:21:59 ----D---- C:\Program Files (x86)\Opera
2014-08-22 19:20:21 ----D---- C:\Program Files (x86)\WebSpades

======List of files/folders modified in the last 1 month======

2014-09-11 19:10:23 ----D---- C:\Windows\Temp
2014-09-11 19:09:52 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2014-09-11 18:50:59 ----D---- C:\Windows\system32\config
2014-09-11 18:07:46 ----RD---- C:\Program Files (x86)
2014-09-11 18:06:34 ----A---- C:\Windows\win.ini
2014-09-11 18:06:23 ----D---- C:\Windows\Tasks
2014-09-11 18:06:23 ----D---- C:\Windows\system32\Tasks
2014-09-11 18:06:13 ----D---- C:\Windows\system32\drivers
2014-09-11 18:05:59 ----HD---- C:\ProgramData
2014-09-11 18:05:17 ----D---- C:\Windows\SysWOW64
2014-09-11 17:54:00 ----D---- C:\Windows\system32\catroot
2014-09-11 17:53:54 ----D---- C:\Windows\winsxs
2014-09-11 17:53:35 ----D---- C:\Windows\system32\catroot2
2014-09-10 21:03:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-10 20:08:16 ----RD---- C:\Program Files
2014-09-10 20:05:45 ----D---- C:\Windows\rescache
2014-09-09 19:04:04 ----SHD---- C:\Windows\Installer
2014-09-08 21:13:06 ----D---- C:\ProgramData\Skype
2014-09-08 21:13:05 ----RD---- C:\Program Files (x86)\Skype
2014-09-08 21:13:05 ----D---- C:\Program Files (x86)\Common Files
2014-09-08 21:12:56 ----D---- C:\Users\PC\AppData\Roaming\Skype
2014-09-08 18:33:46 ----D---- C:\Windows\Prefetch
2014-09-05 19:18:33 ----D---- C:\Windows\Microsoft.NET
2014-09-04 08:02:32 ----D---- C:\Windows\system32\wdi
2014-09-03 20:55:50 ----RSD---- C:\Windows\assembly
2014-09-03 16:31:59 ----D---- C:\Windows
2014-09-03 16:31:13 ----D---- C:\Windows\system32\DriverStore
2014-09-03 16:31:12 ----D---- C:\Windows\System32
2014-09-03 16:31:04 ----D---- C:\Windows\inf
2014-09-03 07:35:32 ----D---- C:\ProgramData\Microsoft Help
2014-09-02 21:46:50 ----D---- C:\Windows\system32\NDF
2014-09-02 20:34:12 ----D---- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-09-02 20:33:54 ----D---- C:\Windows\Panther
2014-09-02 20:33:53 ----D---- C:\Windows\Minidump
2014-09-02 20:33:53 ----D---- C:\Windows\Logs
2014-09-02 20:33:53 ----D---- C:\Windows\debug
2014-09-02 20:21:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-02 20:06:11 ----D---- C:\Windows\ehome
2014-09-02 20:06:10 ----D---- C:\Program Files\Common Files\System
2014-09-02 20:06:09 ----D---- C:\Program Files\Windows Journal
2014-09-02 20:05:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-02 20:05:55 ----D---- C:\Windows\system32\cs-CZ
2014-09-02 20:05:51 ----D---- C:\Program Files\Windows Defender
2014-09-02 20:05:51 ----D---- C:\Program Files (x86)\Windows Defender
2014-09-02 20:05:48 ----D---- C:\Windows\system32\wbem
2014-09-02 20:05:33 ----D---- C:\Windows\system32\Boot
2014-09-02 20:05:23 ----D---- C:\Windows\AppPatch
2014-09-02 20:05:20 ----D---- C:\Program Files\Internet Explorer
2014-09-02 20:05:19 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-02 20:05:17 ----D---- C:\Windows\system32\en-US
2014-09-02 20:05:17 ----D---- C:\Windows\PolicyDefinitions
2014-09-02 20:05:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-02 17:32:58 ----D---- C:\ProgramData\6979bd296c75c2fc
2014-09-02 16:36:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-02 12:35:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-02 12:22:26 ----D---- C:\Windows\SoftwareDistribution
2014-09-02 11:53:05 ----D---- C:\Windows\AutoKMS
2014-09-01 22:45:21 ----D---- C:\Windows\system32\LogFiles
2014-09-01 22:09:50 ----SD---- C:\ProgramData\Microsoft
2014-08-31 20:18:55 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2014-08-26 19:53:39 ----D---- C:\Users\PC\AppData\Roaming\vlc
2014-08-25 06:53:42 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-06 283064]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimssne64.sys [2010-09-08 94208]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-11-29 13201920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-11-29 624128]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-09-15 299568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-09 1394176]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 11392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner; \??\C:\Windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [2014-09-01 157384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-11-29 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-31 217968]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-02 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Blue Screen of Death

Posted: 11 Sep 2014 18:26
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726450706-3269888690-392598298-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3726450706-3269888690-392598298-1000UA.job

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Blue Screen of Death

Posted: 11 Sep 2014 19:00
by Petuchucka
Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2014-09-11 19:59:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 225 GB (47%) free of 477 GB
Total RAM: 3950 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:48, on 11.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3E.EXE /EPT "EPLTarget\P0000000000000000" /M "WP-4535 Series"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9555 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {5191AF18-A9F3-4433-A0A7-141E04E40C94}
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Windows\System32\spool\drivers\x64\3\E_YATIH3E.EXE" /EPT "EPLTarget\P0000000000000000" /M "WP-4535 Series"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"Apntex.exe"
"C:\Program Files\Apoint\Apvfb.exe"
\??\C:\Windows\system32\conhost.exe "-808145583-470109893-570292538-17158141639247751281423583135-10429467321491730339
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2880.0.269932753\1973327462" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17 --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.250.18.0 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="2880.1.1955368483\566144404" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="2880.2.1882640996\1820292721" /prefetch:673131151
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe"
"C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="2880.5.1444944746\134885725" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2880.6.504839913\1896628677" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SDCH/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_99/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel="2880.7.1997263687\180848327" /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\PC\Downloads\RSITx64 (3).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-06 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-06 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-05 1361112]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-09-15 212480]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-06 136176]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"uTorrent"=C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe [2014-08-11 1322832]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3E.EXE [2011-07-19 239488]
"GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-08-30 852808]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-11-29 766208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"FUFAXRCV"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [2011-03-09 495616]
"FUFAXSTM"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [2011-03-09 856064]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-11 19:36:46 ----D---- C:\_OTM
2014-09-11 18:05:17 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-09-11 18:04:12 ----D---- C:\AdwCleaner
2014-09-10 20:08:16 ----D---- C:\rsit
2014-09-10 20:08:16 ----D---- C:\Program Files\trend micro
2014-09-02 21:28:42 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-09-02 21:28:42 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-09-02 20:36:39 ----D---- C:\Windows\SYSWOW64\Wat
2014-09-02 20:36:38 ----D---- C:\Windows\system32\Wat
2014-09-02 20:26:41 ----D---- C:\Program Files\CCleaner
2014-09-02 19:36:30 ----D---- C:\Program Files (x86)\Google
2014-09-02 15:14:42 ----D---- C:\Windows\system32\MRT
2014-09-02 15:14:22 ----A---- C:\Windows\system32\MRT.exe
2014-09-02 14:35:09 ----A---- C:\Windows\system32\browserchoice.exe
2014-09-02 13:44:33 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-09-02 13:44:25 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-09-02 13:44:25 ----A---- C:\Windows\system32\wmi.dll
2014-09-02 13:21:47 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-02 13:00:24 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-02 13:00:24 ----A---- C:\Windows\system32\tzres.dll
2014-09-02 12:18:26 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-09-02 12:18:26 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-09-02 12:18:26 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-02 12:18:26 ----A---- C:\Windows\system32\icardagt.exe
2014-09-02 12:18:22 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-09-02 12:18:22 ----A---- C:\Windows\system32\icardres.dll
2014-09-02 12:17:56 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-02 12:17:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-02 11:20:39 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-09-02 11:20:39 ----A---- C:\Windows\system32\poqexec.exe
2014-09-02 10:55:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-02 10:55:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-02 10:55:34 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-02 10:55:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-02 10:55:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-02 10:55:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-02 10:55:33 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-02 10:55:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-02 10:55:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-02 10:55:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-02 10:55:31 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-02 10:55:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-02 10:55:30 ----A---- C:\Windows\system32\iernonce.dll
2014-09-02 10:55:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-02 10:55:27 ----A---- C:\Windows\system32\urlmon.dll
2014-09-02 10:55:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-02 10:55:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-02 10:55:25 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-02 10:55:25 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-02 10:55:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-02 10:55:25 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-02 10:55:24 ----A---- C:\Windows\system32\iesetup.dll
2014-09-02 10:55:24 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-02 10:55:23 ----A---- C:\Windows\system32\iertutil.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-02 10:55:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-02 10:55:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-02 10:55:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-02 10:55:20 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-02 10:55:20 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-02 10:55:20 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-02 10:55:19 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-02 10:55:18 ----A---- C:\Windows\system32\ieui.dll
2014-09-02 10:55:18 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-02 10:55:17 ----A---- C:\Windows\system32\ieframe.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\jscript9.dll
2014-09-02 10:55:16 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-02 10:55:15 ----A---- C:\Windows\system32\wininet.dll
2014-09-02 10:55:15 ----A---- C:\Windows\system32\vbscript.dll
2014-09-02 10:55:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-02 10:55:14 ----A---- C:\Windows\system32\msrating.dll
2014-09-02 10:55:14 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-02 10:55:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-02 10:55:12 ----A---- C:\Windows\system32\mshtml.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccu32.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccr32.dll
2014-09-02 10:49:25 ----A---- C:\Windows\system32\odbccp32.dll
2014-09-02 10:49:24 ----A---- C:\Windows\system32\odbctrac.dll
2014-09-02 10:49:22 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-09-02 10:49:22 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-09-02 10:49:21 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-09-02 10:49:21 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-09-02 10:49:20 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-09-02 10:49:09 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-09-02 10:49:09 ----A---- C:\Windows\system32\comctl32.dll
2014-09-02 10:48:50 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-02 10:48:50 ----A---- C:\Windows\system32\mstscax.dll
2014-09-02 10:48:47 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-09-02 10:48:47 ----A---- C:\Windows\system32\tsgqec.dll
2014-09-02 10:48:47 ----A---- C:\Windows\system32\aaclient.dll
2014-09-02 10:48:46 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-09-02 10:48:01 ----A---- C:\Windows\system32\shell32.dll
2014-09-02 10:47:58 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-02 10:47:44 ----A---- C:\Windows\system32\wintrust.dll
2014-09-02 10:47:43 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-09-02 10:45:25 ----A---- C:\Windows\system32\CPFilters.dll
2014-09-02 10:45:22 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2014-09-02 10:45:19 ----A---- C:\Windows\system32\sbe.dll
2014-09-02 10:45:17 ----A---- C:\Windows\SYSWOW64\sbe.dll
2014-09-02 10:44:53 ----A---- C:\Windows\system32\quartz.dll
2014-09-02 10:44:51 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-09-02 10:44:46 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-09-02 10:44:45 ----A---- C:\Windows\system32\qdvd.dll
2014-09-02 10:41:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-09-02 10:41:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-02 10:41:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-09-02 10:41:06 ----A---- C:\Windows\system32\usp10.dll
2014-09-02 10:41:05 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-09-02 10:40:54 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-09-02 10:40:52 ----A---- C:\Windows\system32\webio.dll
2014-09-02 10:28:31 ----A---- C:\Windows\system32\crypt32.dll
2014-09-02 10:28:30 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-09-02 10:28:30 ----A---- C:\Windows\system32\cryptsvc.dll
2014-09-02 10:28:30 ----A---- C:\Windows\system32\cryptnet.dll
2014-09-02 10:28:29 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-09-02 10:28:29 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-09-02 10:27:50 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-09-02 10:27:50 ----A---- C:\Windows\system32\wer.dll
2014-09-02 10:27:47 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-09-02 10:27:47 ----A---- C:\Windows\system32\imagehlp.dll
2014-09-02 10:27:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-02 10:27:43 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-02 10:27:42 ----A---- C:\Windows\system32\drivers\netio.sys
2014-09-02 10:26:02 ----A---- C:\Windows\system32\msxml6.dll
2014-09-02 10:26:02 ----A---- C:\Windows\system32\msxml3.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-02 10:26:01 ----A---- C:\Windows\system32\msxml6r.dll
2014-09-02 10:26:01 ----A---- C:\Windows\system32\msxml3r.dll
2014-09-02 10:25:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-09-02 10:25:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-09-02 10:25:48 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-02 10:25:48 ----A---- C:\Windows\system32\osk.exe
2014-09-02 10:25:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-09-02 10:25:21 ----A---- C:\Windows\system32\atmlib.dll
2014-09-02 10:25:21 ----A---- C:\Windows\system32\atmfd.dll
2014-09-02 10:25:20 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-09-02 10:25:20 ----A---- C:\Windows\system32\dciman32.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-09-02 10:25:19 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-09-02 10:25:19 ----A---- C:\Windows\system32\lpk.dll
2014-09-02 10:25:19 ----A---- C:\Windows\system32\fontsub.dll
2014-09-02 10:25:16 ----A---- C:\Windows\system32\mfc42u.dll
2014-09-02 10:25:16 ----A---- C:\Windows\system32\mfc42.dll
2014-09-02 10:25:15 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2014-09-02 10:25:14 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-09-02 10:25:11 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-02 10:25:10 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-09-02 10:25:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-09-02 10:25:06 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-02 10:25:06 ----A---- C:\Windows\system32\qedit.dll
2014-09-02 10:25:03 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-02 10:25:03 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-02 10:25:00 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-09-02 10:24:54 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-09-02 10:24:54 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-09-02 10:24:53 ----A---- C:\Windows\system32\rdpwsx.dll
2014-09-02 10:24:43 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-02 10:24:40 ----A---- C:\Windows\system32\Wdfres.dll
2014-09-02 10:24:40 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-09-02 10:24:40 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-09-02 10:24:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-09-02 10:24:37 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-09-02 10:24:32 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-09-02 10:24:32 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-09-02 10:24:28 ----A---- C:\Windows\system32\dnsapi.dll
2014-09-02 10:24:27 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-09-02 10:24:27 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-09-02 10:24:27 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-09-02 10:24:26 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2014-09-02 10:22:40 ----A---- C:\Windows\system32\dpnet.dll
2014-09-02 10:22:39 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-09-02 10:22:21 ----A---- C:\Windows\system32\msi.dll
2014-09-02 10:22:18 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-02 10:22:08 ----A---- C:\Windows\system32\authui.dll
2014-09-02 10:22:06 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-02 10:22:06 ----A---- C:\Windows\system32\consent.exe
2014-09-02 10:22:06 ----A---- C:\Windows\system32\appinfo.dll
2014-09-02 10:22:05 ----A---- C:\Windows\system32\msihnd.dll
2014-09-02 10:22:04 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-02 10:21:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-09-02 10:21:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-09-02 10:21:03 ----A---- C:\Windows\system32\winlogon.exe
2014-09-02 10:21:02 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-02 10:21:00 ----A---- C:\Windows\system32\objsel.dll
2014-09-02 10:20:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-02 10:20:54 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-09-02 10:20:53 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-02 10:20:49 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\smss.exe
2014-09-02 10:20:49 ----A---- C:\Windows\system32\dimsroam.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\cngprovider.dll
2014-09-02 10:20:49 ----A---- C:\Windows\system32\adprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-09-02 10:20:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-09-02 10:20:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-09-02 10:20:45 ----A---- C:\Windows\system32\csrsrv.dll
2014-09-02 10:20:44 ----A---- C:\Windows\system32\wincredprovider.dll
2014-09-02 10:20:43 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-09-02 10:20:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-09-02 10:20:32 ----A---- C:\Windows\system32\apisetschema.dll
2014-09-02 10:12:15 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-02 10:12:15 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-02 10:12:15 ----A---- C:\Windows\system32\d2d1.dll
2014-09-02 10:12:14 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-09-02 10:11:42 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-02 10:11:42 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-02 10:11:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-02 10:11:36 ----A---- C:\Windows\system32\cdd.dll
2014-09-02 10:11:28 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-09-02 10:11:24 ----A---- C:\Windows\system32\psisdecd.dll
2014-09-02 10:11:23 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-09-02 10:11:16 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-09-02 10:08:01 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-09-02 09:59:13 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-09-02 09:59:13 ----A---- C:\Windows\system32\synceng.dll
2014-09-02 09:58:56 ----A---- C:\Windows\system32\winresume.exe
2014-09-02 09:58:56 ----A---- C:\Windows\system32\winload.exe
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kdusb.dll
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kdcom.dll
2014-09-02 09:58:55 ----A---- C:\Windows\system32\kd1394.dll
2014-09-02 09:58:24 ----A---- C:\Windows\system32\shdocvw.dll
2014-09-02 09:58:23 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-09-02 09:57:20 ----A---- C:\Windows\system32\win32spl.dll
2014-09-02 09:57:19 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-09-02 09:57:13 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-09-02 09:57:13 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\devobj.dll
2014-09-02 09:57:12 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2014-09-02 09:57:07 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-02 09:57:07 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-02 09:57:01 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-09-02 09:57:01 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\netapi32.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\browser.dll
2014-09-02 09:57:01 ----A---- C:\Windows\system32\browcli.dll
2014-09-02 09:56:49 ----A---- C:\Windows\system32\kernel32.dll
2014-09-02 09:56:48 ----A---- C:\Windows\system32\wow64win.dll
2014-09-02 09:56:47 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-02 09:56:46 ----A---- C:\Windows\system32\wow64.dll
2014-09-02 09:56:46 ----A---- C:\Windows\system32\winsrv.dll
2014-09-02 09:56:45 ----A---- C:\Windows\system32\conhost.exe
2014-09-02 09:56:44 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-09-02 09:56:43 ----A---- C:\Windows\system32\ntvdm64.dll
2014-09-02 09:56:42 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-09-02 09:56:41 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-02 09:56:41 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-02 09:56:41 ----A---- C:\Windows\system32\wow64cpu.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-02 09:56:40 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-02 09:56:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-02 09:56:38 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-02 09:56:37 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-02 09:56:36 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-02 09:56:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-02 09:56:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-02 09:56:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-02 09:56:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-02 09:56:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-02 09:56:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-02 09:56:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-02 09:56:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-09-02 09:56:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-09-02 09:56:28 ----A---- C:\Windows\SYSWOW64\user.exe
2014-09-02 09:55:56 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-09-02 09:55:36 ----A---- C:\Windows\system32\inetcomm.dll
2014-09-02 09:55:32 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-09-02 09:55:12 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-09-02 09:55:12 ----A---- C:\Windows\system32\msvcrt.dll
2014-09-02 09:54:52 ----A---- C:\Windows\system32\certutil.exe
2014-09-02 09:54:51 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-09-02 09:54:46 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-09-02 09:54:46 ----A---- C:\Windows\system32\certenc.dll
2014-09-02 09:52:21 ----A---- C:\Windows\system32\scrrun.dll
2014-09-02 09:52:21 ----A---- C:\Windows\system32\cscript.exe
2014-09-02 09:52:19 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-09-02 09:52:18 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-09-02 09:52:18 ----A---- C:\Windows\system32\wscript.exe
2014-09-02 09:52:17 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-09-02 09:51:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-02 09:51:58 ----A---- C:\Windows\system32\kerberos.dll
2014-09-02 09:51:57 ----A---- C:\Windows\system32\schannel.dll
2014-09-02 09:51:57 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-02 09:51:56 ----A---- C:\Windows\system32\msv1_0.dll
2014-09-02 09:51:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-09-02 09:51:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-09-02 09:51:54 ----A---- C:\Windows\system32\wdigest.dll
2014-09-02 09:51:53 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-09-02 09:51:53 ----A---- C:\Windows\system32\drivers\cng.sys
2014-09-02 09:51:51 ----A---- C:\Windows\system32\TSpkg.dll
2014-09-02 09:51:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-02 09:51:50 ----A---- C:\Windows\system32\ncrypt.dll
2014-09-02 09:51:49 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-09-02 09:51:48 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-09-02 09:51:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-09-02 09:51:46 ----A---- C:\Windows\system32\lsass.exe
2014-09-02 09:51:44 ----A---- C:\Windows\system32\sspicli.dll
2014-09-02 09:51:41 ----A---- C:\Windows\system32\secur32.dll
2014-09-02 09:51:40 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-02 09:51:40 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-09-02 09:51:40 ----A---- C:\Windows\system32\credssp.dll
2014-09-02 09:51:39 ----A---- C:\Windows\system32\sspisrv.dll
2014-09-02 09:51:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-02 09:48:23 ----A---- C:\Windows\system32\localspl.dll
2014-09-02 09:48:10 ----A---- C:\Windows\system32\win32k.sys
2014-09-02 09:48:09 ----A---- C:\Windows\system32\gdi32.dll
2014-09-02 09:48:08 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-02 09:47:59 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-09-02 09:47:45 ----A---- C:\Windows\system32\oleacc.dll
2014-09-02 09:47:44 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-09-02 09:47:44 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-09-02 09:47:44 ----A---- C:\Windows\system32\oleaut32.dll
2014-09-02 09:44:15 ----A---- C:\Windows\system32\EncDec.dll
2014-09-02 09:44:14 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-09-02 09:44:02 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-09-02 09:44:02 ----A---- C:\Windows\system32\DWrite.dll
2014-09-02 09:43:43 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2014-09-02 09:43:39 ----A---- C:\Windows\system32\cdosys.dll
2014-09-02 09:42:17 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-02 09:42:17 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-02 09:42:16 ----A---- C:\Windows\system32\nshwfp.dll
2014-09-02 09:42:15 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-09-02 09:42:13 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-09-02 09:40:38 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-02 09:40:35 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-09-02 08:45:34 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-09-02 08:45:34 ----A---- C:\Windows\system32\packager.dll
2014-09-02 07:54:40 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-09-02 07:54:40 ----A---- C:\Windows\system32\rdpcore.dll
2014-09-02 07:54:40 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wups2.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wucltux.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-01 22:20:43 ----A---- C:\Windows\system32\wuauclt.exe
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-09-01 22:20:38 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wups.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wudriver.dll
2014-09-01 22:20:38 ----A---- C:\Windows\system32\wuapi.dll
2014-09-01 22:20:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-09-01 22:20:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-09-01 22:20:34 ----A---- C:\Windows\system32\wuwebv.dll
2014-09-01 22:20:34 ----A---- C:\Windows\system32\wuapp.exe
2014-09-01 21:42:19 ----SHD---- C:\Config.Msi
2014-09-01 21:36:26 ----D---- C:\ProgramData\ESET
2014-09-01 21:36:26 ----D---- C:\Program Files\ESET
2014-09-01 13:02:09 ----D---- C:\Users\PC\AppData\Roaming\ESET
2014-08-28 22:34:50 ----D---- C:\Program Files (x86)\ESET
2014-08-28 22:33:47 ----A---- C:\Windows\system32\drivers\ESETOlmarikOlmascoCleaner.sys
2014-08-28 20:20:24 ----D---- C:\Program Files\iPod
2014-08-28 20:20:23 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-28 20:20:23 ----D---- C:\Program Files\iTunes
2014-08-28 20:20:23 ----D---- C:\Program Files (x86)\iTunes
2014-08-26 09:53:06 ----D---- C:\Users\PC\AppData\Roaming\Winamp
2014-08-26 09:53:06 ----D---- C:\Program Files (x86)\Winamp
2014-08-22 19:22:07 ----D---- C:\Users\PC\AppData\Roaming\Opera Software
2014-08-22 19:21:59 ----D---- C:\Program Files (x86)\Opera
2014-08-22 19:20:21 ----D---- C:\Program Files (x86)\WebSpades

======List of files/folders modified in the last 1 month======

2014-09-11 19:59:35 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2014-09-11 19:59:26 ----D---- C:\Windows\Temp
2014-09-11 19:36:48 ----D---- C:\Windows\Tasks
2014-09-11 18:50:59 ----D---- C:\Windows\system32\config
2014-09-11 18:07:46 ----RD---- C:\Program Files (x86)
2014-09-11 18:06:34 ----A---- C:\Windows\win.ini
2014-09-11 18:06:23 ----D---- C:\Windows\system32\Tasks
2014-09-11 18:06:13 ----D---- C:\Windows\system32\drivers
2014-09-11 18:05:59 ----HD---- C:\ProgramData
2014-09-11 18:05:17 ----D---- C:\Windows\SysWOW64
2014-09-11 17:54:00 ----D---- C:\Windows\system32\catroot
2014-09-11 17:53:54 ----D---- C:\Windows\winsxs
2014-09-11 17:53:35 ----D---- C:\Windows\system32\catroot2
2014-09-10 21:03:39 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-10 20:08:16 ----RD---- C:\Program Files
2014-09-10 20:05:45 ----D---- C:\Windows\rescache
2014-09-09 19:04:04 ----SHD---- C:\Windows\Installer
2014-09-08 21:13:06 ----D---- C:\ProgramData\Skype
2014-09-08 21:13:05 ----RD---- C:\Program Files (x86)\Skype
2014-09-08 21:13:05 ----D---- C:\Program Files (x86)\Common Files
2014-09-08 21:12:56 ----D---- C:\Users\PC\AppData\Roaming\Skype
2014-09-08 18:33:46 ----D---- C:\Windows\Prefetch
2014-09-05 19:18:33 ----D---- C:\Windows\Microsoft.NET
2014-09-04 08:02:32 ----D---- C:\Windows\system32\wdi
2014-09-03 20:55:50 ----RSD---- C:\Windows\assembly
2014-09-03 16:31:59 ----D---- C:\Windows
2014-09-03 16:31:13 ----D---- C:\Windows\system32\DriverStore
2014-09-03 16:31:12 ----D---- C:\Windows\System32
2014-09-03 16:31:04 ----D---- C:\Windows\inf
2014-09-03 07:35:32 ----D---- C:\ProgramData\Microsoft Help
2014-09-02 21:46:50 ----D---- C:\Windows\system32\NDF
2014-09-02 20:34:12 ----D---- C:\Users\PC\AppData\Roaming\DAEMON Tools Lite
2014-09-02 20:33:54 ----D---- C:\Windows\Panther
2014-09-02 20:33:53 ----D---- C:\Windows\Minidump
2014-09-02 20:33:53 ----D---- C:\Windows\Logs
2014-09-02 20:33:53 ----D---- C:\Windows\debug
2014-09-02 20:21:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-02 20:06:11 ----D---- C:\Windows\ehome
2014-09-02 20:06:10 ----D---- C:\Program Files\Common Files\System
2014-09-02 20:06:09 ----D---- C:\Program Files\Windows Journal
2014-09-02 20:05:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-02 20:05:55 ----D---- C:\Windows\system32\cs-CZ
2014-09-02 20:05:51 ----D---- C:\Program Files\Windows Defender
2014-09-02 20:05:51 ----D---- C:\Program Files (x86)\Windows Defender
2014-09-02 20:05:48 ----D---- C:\Windows\system32\wbem
2014-09-02 20:05:33 ----D---- C:\Windows\system32\Boot
2014-09-02 20:05:23 ----D---- C:\Windows\AppPatch
2014-09-02 20:05:20 ----D---- C:\Program Files\Internet Explorer
2014-09-02 20:05:19 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-02 20:05:17 ----D---- C:\Windows\system32\en-US
2014-09-02 20:05:17 ----D---- C:\Windows\PolicyDefinitions
2014-09-02 20:05:14 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-02 17:32:58 ----D---- C:\ProgramData\6979bd296c75c2fc
2014-09-02 16:36:24 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-02 12:35:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-02 12:22:26 ----D---- C:\Windows\SoftwareDistribution
2014-09-02 11:53:05 ----D---- C:\Windows\AutoKMS
2014-09-01 22:45:21 ----D---- C:\Windows\system32\LogFiles
2014-09-01 22:09:50 ----SD---- C:\ProgramData\Microsoft
2014-08-31 20:18:55 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2014-08-26 19:53:39 ----D---- C:\Users\PC\AppData\Roaming\vlc
2014-08-25 06:53:42 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-06 283064]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimssne64.sys [2010-09-08 94208]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-11-29 13201920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-11-29 624128]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-09-15 299568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-09 1394176]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-05 3707864]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-03 11392]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner; \??\C:\Windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [2014-09-01 157384]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-11-29 239616]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-31 217968]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-02 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-02 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------

Re: Blue Screen of Death

Posted: 11 Sep 2014 20:10
by Rudy
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Re: Blue Screen of Death

Posted: 11 Sep 2014 21:03
by Petuchucka
Thank you very much!!

Re: Blue Screen of Death

Posted: 11 Sep 2014 21:36
by Rudy
You're welcome! :)