PC virus removal, computer speed-up, remote help via the neslape.cz service

6 infiltrations and who knows what else

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

6 infiltrations and who knows what else

#1 Post by VLADKO123456 »

Please help. My antivirus has found 6 infiltrations so far :cry: , I would like to ask whether you could check it as well, to see if it is clean :idea: ... thank you

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vladko at 2015-09-06 16:24:03
Microsoft Windows 8.1 Pro
System drive C: has 87 GB (36%) free of 238 GB
Total RAM: 2048 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:24:38 PM, on 9/6/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Vladko\AppData\Local\Microsoft\Windows\INetCache\IE\9910DD3N\RSIT (1).exe
C:\Program Files\trend micro\Vladko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F212DA4A-DEAC-43D8-8952-20B195E5E7B4}: NameServer = 192.168.0.1
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: WSISVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe

--
End of file - 5405 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2015-07-14 1729752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-11-16 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5088456]
"iSkysoft Helper Compact.exe"=C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2014-10-31 2066432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-05-21 3579120]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-07-17 6453528]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-06 16:24:03 ----D---- C:\Program Files\trend micro
2015-09-06 16:24:02 ----D---- C:\rsit
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-04 21:50:17 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wudriver.dll
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wucltux.dll
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wuapp.exe
2015-09-04 21:50:17 ----A---- C:\Windows\system32\wuapi.dll
2015-09-01 17:35:35 ----D---- C:\Program Files\MSECache
2015-08-31 16:20:12 ----D---- C:\Program Files\Common Files\DESIGNER
2015-08-31 16:19:03 ----D---- C:\Windows\PCHEALTH
2015-08-31 16:17:06 ----D---- C:\Program Files\Microsoft Analysis Services
2015-08-31 16:14:28 ----RHD---- C:\MSOCache
2015-08-27 20:59:33 ----D---- C:\ProgramData\IObit
2015-08-25 11:04:58 ----D---- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-08-25 11:04:57 ----D---- C:\Users\Vladko\AppData\Roaming\Apple Computer
2015-08-25 11:04:47 ----D---- C:\Program Files\Common Files\IObit
2015-08-25 11:03:22 ----D---- C:\Users\Vladko\AppData\Roaming\ProductData
2015-08-25 11:02:58 ----D---- C:\ProgramData\ProductData
2015-08-25 11:02:38 ----D---- C:\Program Files\IObit
2015-08-24 03:25:30 ----D---- C:\Program Files\CCleaner
2015-08-24 01:48:15 ----D---- C:\Users\Vladko\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2015-08-24 01:48:05 ----D---- C:\Users\Vladko\AppData\Roaming\iSkysoft Video Converter Ultimate
2015-08-24 01:47:23 ----D---- C:\Program Files\Common Files\iSkysoft
2015-08-24 01:46:53 ----A---- C:\Windows\system32\ISCM32.dll
2015-08-24 01:46:20 ----D---- C:\ProgramData\iSkysoft Video Converter Ultimate
2015-08-24 01:46:05 ----D---- C:\ProgramData\iSkysoft
2015-08-24 01:46:05 ----D---- C:\Program Files\iSkysoft
2015-08-23 14:24:30 ----D---- C:\ProgramData\HP
2015-08-22 20:12:31 ----D---- C:\Program Files\Common Files\Adobe
2015-08-22 20:12:31 ----D---- C:\Program Files\Adobe
2015-08-22 20:11:46 ----D---- C:\ProgramData\Adobe
2015-08-20 04:40:06 ----A---- C:\Windows\system32\tzsync.exe
2015-08-20 04:10:56 ----D---- C:\Program Files\Microsoft Office
2015-08-20 04:10:55 ----D---- C:\ProgramData\Microsoft Help
2015-08-20 03:43:40 ----A---- C:\Windows\system32\sppsvc.exe
2015-08-20 03:43:39 ----A---- C:\Windows\system32\sppwinob.dll
2015-08-20 03:43:39 ----A---- C:\Windows\system32\sppobjs.dll
2015-08-20 03:42:33 ----A---- C:\Windows\system32\profsvc.dll
2015-08-20 03:42:32 ----A---- C:\Windows\system32\drivers\bthpan.sys
2015-08-20 03:42:05 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2015-08-20 03:42:05 ----A---- C:\Windows\system32\drivers\bthport.sys
2015-08-20 03:42:05 ----A---- C:\Windows\system32\drivers\bthenum.sys
2015-08-20 03:41:58 ----A---- C:\Windows\system32\consent.exe
2015-08-20 03:41:57 ----A---- C:\Windows\system32\gdi32.dll
2015-08-20 03:41:56 ----A---- C:\Windows\system32\SettingsHandlers.dll
2015-08-20 03:41:47 ----A---- C:\Windows\system32\UtcResources.dll
2015-08-20 03:41:47 ----A---- C:\Windows\system32\diagtrack.dll
2015-08-20 03:41:46 ----A---- C:\Windows\system32\tdh.dll
2015-08-19 13:37:41 ----A---- C:\Windows\system32\mshtml.dll
2015-08-18 21:05:59 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 20:59:44 ----D---- C:\Program Files\pidgin-otr
2015-08-18 20:56:32 ----D---- C:\Users\Vladko\AppData\Roaming\.purple
2015-08-18 20:55:03 ----D---- C:\Program Files\Pidgin
2015-08-17 23:29:47 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-17 23:29:47 ----A---- C:\Windows\system32\davclnt.dll
2015-08-17 23:29:45 ----A---- C:\Windows\system32\win32k.sys
2015-08-17 23:29:44 ----A---- C:\Windows\system32\FntCache.dll
2015-08-17 23:29:44 ----A---- C:\Windows\system32\DWrite.dll
2015-08-17 23:29:44 ----A---- C:\Windows\system32\atmlib.dll
2015-08-17 23:29:44 ----A---- C:\Windows\system32\atmfd.dll
2015-08-17 23:29:42 ----A---- C:\Windows\system32\appraiser.dll
2015-08-17 23:29:41 ----A---- C:\Windows\system32\invagent.dll
2015-08-17 23:29:41 ----A---- C:\Windows\system32\generaltel.dll
2015-08-17 23:29:41 ----A---- C:\Windows\system32\devinv.dll
2015-08-17 23:29:41 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-17 23:29:41 ----A---- C:\Windows\system32\aeinv.dll
2015-08-17 23:29:40 ----A---- C:\Windows\system32\acmigration.dll
2015-08-17 23:29:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-17 23:29:30 ----A---- C:\Windows\system32\sysmain.dll
2015-08-17 23:29:30 ----A---- C:\Windows\system32\ntdll.dll
2015-08-17 23:29:30 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-17 23:29:22 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-17 23:29:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-08-17 23:28:40 ----A---- C:\Windows\system32\netcfgx.dll
2015-08-17 23:28:40 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-08-17 23:28:39 ----A---- C:\Windows\system32\mstscax.dll
2015-08-17 23:28:37 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-17 23:27:56 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-17 23:27:53 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-17 23:27:52 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-17 23:27:44 ----A---- C:\Windows\system32\notepad.exe
2015-08-17 23:27:44 ----A---- C:\Windows\notepad.exe
2015-08-17 23:27:38 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-17 23:27:38 ----A---- C:\Windows\system32\basesrv.dll
2015-08-17 23:26:41 ----A---- C:\Windows\system32\ieframe.dll
2015-08-17 23:26:38 ----A---- C:\Windows\system32\jscript9.dll
2015-08-17 23:26:37 ----A---- C:\Windows\system32\wininet.dll
2015-08-17 23:26:37 ----A---- C:\Windows\system32\urlmon.dll
2015-08-17 23:26:37 ----A---- C:\Windows\system32\ieui.dll
2015-08-17 23:26:37 ----A---- C:\Windows\system32\iertutil.dll
2015-08-17 23:26:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-17 23:26:36 ----A---- C:\Windows\system32\vbscript.dll
2015-08-17 23:26:36 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-17 23:26:36 ----A---- C:\Windows\system32\jscript.dll
2015-08-17 23:26:36 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-17 23:26:36 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-17 23:25:22 ----A---- C:\Windows\system32\msxml6.dll
2015-08-17 23:25:21 ----A---- C:\Windows\system32\msxml3.dll

======List of files/folders modified in the last 1 month======

2015-09-06 16:24:45 ----D---- C:\Windows\Temp
2015-09-06 16:24:03 ----RD---- C:\Program Files
2015-09-06 16:21:41 ----D---- C:\Windows\Prefetch
2015-09-06 16:15:25 ----RD---- C:\Windows\assembly
2015-09-06 16:15:19 ----SHD---- C:\Windows\Installer
2015-09-06 16:00:00 ----D---- C:\Windows\system32\sru
2015-09-05 23:46:19 ----D---- C:\Users\Vladko\AppData\Roaming\Skype
2015-09-05 14:44:31 ----D---- C:\Windows
2015-09-05 11:00:58 ----SD---- C:\Users\Vladko\AppData\Roaming\Microsoft
2015-09-05 10:34:53 ----D---- C:\Users\Vladko\AppData\Roaming\vlc
2015-09-05 09:59:11 ----D---- C:\Windows\Microsoft.NET
2015-09-05 09:56:53 ----D---- C:\Windows\debug
2015-09-05 05:07:42 ----D---- C:\Windows\SoftwareDistribution
2015-09-05 03:24:21 ----D---- C:\Users\Vladko\AppData\Roaming\TeamViewer
2015-09-05 03:24:16 ----D---- C:\Windows\inf
2015-09-04 22:52:19 ----D---- C:\Windows\system32\config
2015-09-04 21:55:03 ----D---- C:\Windows\WinSxS
2015-09-04 21:52:33 ----RD---- C:\Windows\System32
2015-09-04 21:52:33 ----D---- C:\Windows\system32\en-US
2015-09-04 21:51:44 ----D---- C:\Windows\CbsTemp
2015-09-04 15:17:07 ----SHD---- C:\System Volume Information
2015-09-04 10:23:22 ----D---- C:\Windows\system32\DriverStore
2015-09-03 18:17:20 ----D---- C:\Windows\Minidump
2015-09-01 11:08:03 ----A---- C:\Windows\win.ini
2015-08-31 17:42:21 ----D---- C:\Users\Vladko\AppData\Roaming\uTorrent
2015-08-31 17:39:35 ----D---- C:\Users\Vladko\AppData\Roaming\DAEMON Tools Lite
2015-08-31 16:21:34 ----D---- C:\Windows\system32\catroot2
2015-08-31 16:20:37 ----RSD---- C:\Windows\Fonts
2015-08-31 16:20:27 ----D---- C:\Windows\ShellNew
2015-08-31 16:20:20 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-31 16:20:12 ----D---- C:\Program Files\Common Files
2015-08-31 16:19:50 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-08-31 16:19:03 ----D---- C:\Program Files\Microsoft.NET
2015-08-31 16:17:35 ----D---- C:\Program Files\Common Files\System
2015-08-29 18:23:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-29 12:24:32 ----D---- C:\Windows\Tasks
2015-08-29 07:03:57 ----D---- C:\Windows\system32\NDF
2015-08-29 04:30:32 ----D---- C:\Windows\system32\wbem
2015-08-29 04:29:26 ----D---- C:\Windows\system32\Drivers
2015-08-29 04:29:25 ----SD---- C:\Windows\system32\GWX
2015-08-29 04:29:25 ----D---- C:\Windows\system32\Tasks
2015-08-29 04:29:25 ----D---- C:\Windows\system32\CodeIntegrity
2015-08-29 04:29:24 ----D---- C:\Users\Vladko\AppData\Roaming\Winamp
2015-08-29 04:28:01 ----HD---- C:\Program Files\WindowsApps
2015-08-29 04:23:17 ----D---- C:\Windows\registration
2015-08-29 04:21:48 ----HD---- C:\ProgramData
2015-08-27 23:45:09 ----D---- C:\Program Files\MiniTool Partition Wizard Free 9.0
2015-08-27 23:45:08 ----D---- C:\Program Files\Kingo ROOT
2015-08-27 15:10:14 ----D---- C:\Windows\AppReadiness
2015-08-25 11:28:14 ----D---- C:\Windows\Panther
2015-08-24 03:29:27 ----D---- C:\Windows\ModemLogs
2015-08-22 21:22:34 ----D---- C:\Users\Vladko\AppData\Roaming\Adobe
2015-08-20 10:44:47 ----D---- C:\Windows\rescache
2015-08-20 04:13:47 ----SD---- C:\ProgramData\Microsoft
2015-08-20 03:46:21 ----D---- C:\Windows\system32\migration
2015-08-20 03:31:20 ----SD---- C:\Windows\system32\CompatTel
2015-08-20 03:31:20 ----D---- C:\Windows\WinStore
2015-08-20 03:31:20 ----D---- C:\Windows\system32\WinMetadata
2015-08-20 03:31:20 ----D---- C:\Windows\system32\drivers\UMDF
2015-08-20 03:31:20 ----D---- C:\Windows\system32\drivers\en-US
2015-08-20 03:31:19 ----RSD---- C:\Windows\Media
2015-08-20 03:31:19 ----D---- C:\Windows\system32\appraiser
2015-08-20 03:31:19 ----D---- C:\Windows\PolicyDefinitions
2015-08-20 03:31:19 ----D---- C:\Windows\apppatch
2015-08-20 03:31:19 ----D---- C:\Program Files\Windows Defender
2015-08-20 03:31:19 ----D---- C:\Program Files\Internet Explorer
2015-08-20 03:31:06 ----D---- C:\Windows\system32\Sysprep
2015-08-20 03:31:06 ----D---- C:\Windows\system32\Macromed
2015-08-20 03:31:02 ----HD---- C:\Windows\system32\GroupPolicy
2015-08-20 03:31:01 ----D---- C:\Windows\servicing
2015-08-20 03:30:57 ----D---- C:\Windows\AppCompat
2015-08-20 03:30:49 ----D---- C:\ProgramData\Skype
2015-08-20 03:30:49 ----D---- C:\Program Files\TeamViewer
2015-08-20 03:30:48 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-20 03:30:46 ----D---- C:\Dan
2015-08-20 03:24:15 ----D---- C:\Windows\system32\catroot
2015-08-20 02:44:14 ----D---- C:\Program Files\Nero
2015-08-20 02:44:10 ----D---- C:\Program Files\Common Files\Nero
2015-08-19 13:57:52 ----D---- C:\Windows\system32\MRT
2015-08-19 13:38:58 ----A---- C:\Windows\system32\MRT.exe
2015-08-08 15:55:08 ----A---- C:\Windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2015-01-30 190880]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-01-30 51824]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-06-10 329384]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-01-30 193464]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-01-30 135808]
R1 EpfwLWF;@oem42.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-01-30 37928]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2013-08-22 57344]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-01-30 176448]
R3 ALCXWDM;@oem21.inf,%AC97AUD.SvcDesc%;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-11-16 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-11-16 290304]
R3 athur;@oem2.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athuw8.sys [2013-06-02 2193408]
R3 dtlitescsibus;@oem86.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2015-06-10 25016]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2013-08-22 29184]
S1 MpKslc12f392f;MpKslc12f392f; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5675E298-FF1F-42ED-BD30-D62313261207}\MpKslc12f392f.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme\kerneld.x32 [2015-03-23 33616]
S3 AthDfu;@oem45.inf,%AthDfu.SvcDesc%;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2012-08-22 47144]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2015-04-29 511504]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2015-06-10 39424]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 95232]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2015-06-10 1014784]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2015-06-10 60928]
S3 dg_ssudbus;@oem47.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 89856]
S3 ewusbnet;@oem90.inf,%qcwwan.Service.DispName%;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 NdisImPlatformMp;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-531; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2014-11-21 109568]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 131584]
S3 ssudmdm;@oem73.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 184192]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-11-21 88192]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 37888]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 177152]
S3 WDC_SAM;@oem88.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam.sys [2015-04-30 20256]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-11-16 217088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 33088]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2015-01-28 1349576]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-08-24 2909472]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-10-22 966288]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-05 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 33088]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-05-21 1026288]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-06-05 107848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S4 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-08-07 5611280]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#2 Post by Roli »

Hello, and what are we going to do about that illegal product from Microsoft?
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#3 Post by VLADKO123456 »

Peter Kmoško of Microsoft Slovakia says: “Anyone who uses an illegal and unactivated Windows system cannot activate it to a full-fledged Windows 10. The user interface will have a prominent watermark in the bottom right corner informing about the illegality, and the computer will have limited functionality. If someone buys such a computer, they should return it immediately.”
Since I have activated Windows 10, it is therefore clear that I am not using illegal software... Please correct me if I am wrong...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dodo at 2015-12-16 01:02:25
Microsoft Windows 10 Pro
System drive C: has 447 GB (94%) free of 476 GB
Total RAM: 2048 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:03:25 AM, on 12/16/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Windows\SOUNDMAN.EXE
C:\Users\Dodo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\system32\svchost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Dodo\Downloads\RSIT.exe
C:\Program Files\trend micro\Dodo.exe
C:\WINDOWS\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dodo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: Odoslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslat do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 4584 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2009-04-14 604704]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Dodo\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-09 551112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-16 01:02:26 ----D---- C:\Program Files\trend micro
2015-12-16 01:02:25 ----D---- C:\rsit
2015-12-16 00:30:25 ----D---- C:\WINDOWS\PCHEALTH
2015-12-16 00:29:30 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2015-12-11 20:42:26 ----D---- C:\WINDOWS\system32\SleepStudy
2015-12-11 20:13:05 ----D---- C:\Program Files\pidgin-otr
2015-12-11 20:09:02 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-11 20:09:01 ----A---- C:\WINDOWS\system32\twinui.dll
2015-12-11 20:08:59 ----A---- C:\WINDOWS\system32\shell32.dll
2015-12-11 20:08:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-12-11 20:08:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-12-11 20:08:55 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-11 20:08:54 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-12-11 20:08:52 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-11 20:08:52 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-11 20:08:51 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2015-12-11 20:08:51 ----A---- C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-11 20:08:51 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-11 20:08:51 ----A---- C:\WINDOWS\system32\cdp.dll
2015-12-11 20:08:51 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-11 20:08:50 ----A---- C:\WINDOWS\system32\InputService.dll
2015-12-11 20:08:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-12-11 20:08:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-12-11 20:08:49 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-12-11 20:08:49 ----A---- C:\WINDOWS\system32\d3d11.dll
2015-12-11 20:08:48 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-12-11 20:08:47 ----A---- C:\WINDOWS\system32\wininet.dll
2015-12-11 20:08:46 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-12-11 20:08:45 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-12-11 20:08:45 ----A---- C:\WINDOWS\system32\usermgr.dll
2015-12-11 20:08:45 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-12-11 20:08:45 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-12-11 20:08:45 ----A---- C:\WINDOWS\system32\mf.dll
2015-12-11 20:08:44 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2015-12-11 20:08:44 ----A---- C:\WINDOWS\system32\wpncore.dll
2015-12-11 20:08:44 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2015-12-11 20:08:44 ----A---- C:\WINDOWS\system32\dcomp.dll
2015-12-11 20:08:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-12-11 20:08:43 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-12-11 20:08:42 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-11 20:08:42 ----A---- C:\WINDOWS\system32\services.exe
2015-12-11 20:08:42 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2015-12-11 20:08:42 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-12-11 20:08:41 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-12-11 20:08:41 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-12-11 20:08:41 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-12-11 20:08:41 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-12-11 20:08:41 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-12-11 20:08:41 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-11 20:08:40 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-12-11 20:08:40 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2015-12-11 20:08:40 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-12-11 20:08:40 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-11 20:08:40 ----A---- C:\WINDOWS\system32\jscript.dll
2015-12-11 20:08:39 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-12-11 20:08:39 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-12-11 20:08:39 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2015-12-11 20:08:39 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-12-11 20:08:39 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2015-12-11 20:08:39 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-12-11 20:08:38 ----A---- C:\WINDOWS\system32\wimgapi.dll
2015-12-11 20:08:37 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-12-11 20:08:37 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-12-11 20:08:37 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\user32.dll
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\SensorService.dll
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\provhandlers.dll
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\provengine.dll
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-12-11 20:08:36 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\policymanager.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\cryptngc.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\comsvcs.dll
2015-12-11 20:08:35 ----A---- C:\WINDOWS\system32\authui.dll
2015-12-11 20:08:34 ----A---- C:\WINDOWS\system32\mfps.dll
2015-12-11 20:08:34 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-12-11 20:08:34 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-12-11 20:08:34 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2015-12-11 20:08:33 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-12-11 20:08:32 ----A---- C:\WINDOWS\system32\SRH.dll
2015-12-11 20:08:32 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2015-12-11 20:08:31 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-12-11 20:08:31 ----A---- C:\WINDOWS\system32\mssign32.dll
2015-12-11 20:08:31 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2015-12-11 20:08:31 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2015-12-11 20:08:31 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-12-11 20:08:30 ----A---- C:\WINDOWS\system32\wwapi.dll
2015-12-11 20:08:30 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-11 20:08:30 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-12-11 20:08:30 ----A---- C:\WINDOWS\system32\AudioSes.dll
2015-12-11 20:08:30 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-11 20:08:30 ----A---- C:\WINDOWS\system32\audiodg.exe
2015-12-11 20:08:29 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-12-11 20:08:29 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-12-11 20:08:29 ----A---- C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-11 20:08:29 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-11 20:08:29 ----A---- C:\WINDOWS\system32\mfpmp.exe
2015-12-11 20:08:29 ----A---- C:\WINDOWS\system32\EncDump.dll
2015-12-11 20:08:28 ----A---- C:\WINDOWS\system32\wimserv.exe
2015-12-11 20:08:28 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2015-12-11 20:08:27 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-12-11 20:08:26 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-11 20:08:26 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-11 20:08:26 ----A---- C:\WINDOWS\system32\shutdownux.dll
2015-12-11 20:08:26 ----A---- C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-11 20:08:23 ----A---- C:\WINDOWS\system32\catsrvut.dll
2015-12-11 20:08:22 ----A---- C:\WINDOWS\system32\iesetup.dll
2015-12-11 20:08:22 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-12-11 20:08:22 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2015-12-11 20:08:20 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-12-11 20:08:20 ----A---- C:\WINDOWS\system32\mos.dll
2015-12-11 20:08:20 ----A---- C:\WINDOWS\system32\iernonce.dll
2015-12-11 20:08:18 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-12-11 20:08:17 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-12-11 20:08:17 ----A---- C:\WINDOWS\system32\wshrm.dll
2015-12-11 20:08:17 ----A---- C:\WINDOWS\system32\win32k.sys
2015-12-11 20:08:17 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-12-11 20:08:17 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-12-11 20:08:17 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-12-11 20:08:16 ----A---- C:\WINDOWS\system32\jsproxy.dll
2015-12-11 20:08:15 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-12-11 20:08:15 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-12-11 20:08:14 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2015-12-11 20:08:14 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-12-11 20:08:14 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-12-11 20:08:13 ----A---- C:\WINDOWS\system32\NMAA.dll
2015-12-11 20:08:13 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-12-11 20:08:13 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-12-11 20:08:13 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\Wwanpref.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\moshostcore.dll
2015-12-11 20:08:12 ----A---- C:\WINDOWS\system32\fontsub.dll
2015-12-11 20:08:11 ----A---- C:\WINDOWS\system32\wininetlui.dll
2015-12-11 20:08:11 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-12-11 20:08:11 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2015-12-11 20:08:11 ----A---- C:\WINDOWS\system32\MosStorage.dll
2015-12-11 20:08:11 ----A---- C:\WINDOWS\system32\dciman32.dll
2015-12-11 20:08:11 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-11 20:08:10 ----A---- C:\WINDOWS\system32\readingviewresources.dll
2015-12-11 20:08:10 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-12-11 20:08:10 ----A---- C:\WINDOWS\system32\provdatastore.dll
2015-12-11 20:08:10 ----A---- C:\WINDOWS\system32\moshost.dll
2015-12-11 20:08:10 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-11 20:08:10 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\wsplib.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\provops.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-11 20:08:09 ----A---- C:\WINDOWS\system32\AppCapture.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\wups2.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\rilproxy.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-12-11 20:08:08 ----A---- C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\nativemap.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\mapstoasttask.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-11 20:08:07 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-11 20:08:06 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-11 20:08:06 ----A---- C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-11 20:08:06 ----A---- C:\WINDOWS\system32\provtool.exe
2015-12-11 20:08:06 ----A---- C:\WINDOWS\system32\lpk.dll
2015-12-11 20:08:06 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-11 20:08:06 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-11 20:08:04 ----A---- C:\WINDOWS\system32\NmaDirect.dll
2015-12-11 20:08:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-11 20:08:03 ----A---- C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-11 20:08:03 ----A---- C:\WINDOWS\system32\MosResource.dll
2015-12-11 20:08:03 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-11 20:08:02 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-11 20:08:02 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-11 20:08:02 ----A---- C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-11 20:08:02 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-12-11 20:08:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-12-11 19:58:12 ----D---- C:\Users\Dodo\AppData\Roaming\.purple
2015-12-11 19:57:29 ----D---- C:\Program Files\Pidgin
2015-12-10 13:54:41 ----D---- C:\Program Files\Google
2015-12-10 07:13:53 ----DC---- C:\WINDOWS\Panther
2015-12-10 07:10:25 ----D---- C:\Windows.old
2015-12-10 07:09:35 ----D---- C:\WINDOWS\system32\Microsoft
2015-12-10 07:08:21 ----D---- C:\Program Files\Reference Assemblies
2015-12-10 07:08:21 ----D---- C:\Program Files\MSBuild
2015-12-10 07:07:50 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-10 07:07:50 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-10 07:07:50 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-09 23:08:08 ----D---- C:\Users\Dodo\AppData\Roaming\Macromedia
2015-12-09 22:44:10 ----D---- C:\ProgramData\Microsoft OneDrive
2015-12-09 22:43:50 ----A---- C:\WINDOWS\system32\NlsLexicons001b.dll
2015-12-09 22:43:50 ----A---- C:\WINDOWS\system32\NlsData001b.dll
2015-12-09 22:43:50 ----A---- C:\WINDOWS\system32\MLS2.dll
2015-12-09 22:38:45 ----D---- C:\Users\Dodo\AppData\Roaming\Adobe
2015-12-09 22:33:50 ----D---- C:\ProgramData\USOShared
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Templates
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Start Menu
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Favorites
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Documents
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Desktop
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Application Data
2015-12-09 22:33:31 ----SHD---- C:\Recovery
2015-12-09 22:33:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-09 22:31:27 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2015-12-09 22:28:08 ----ASH---- C:\hiberfil.sys
2015-12-09 22:24:09 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-12-09 22:22:25 ----SD---- C:\Users\Dodo\AppData\Roaming\Microsoft
2015-12-09 22:17:21 ----AS---- C:\WINDOWS\bootstat.dat
2015-12-09 22:16:48 ----D---- C:\WINDOWS\Prefetch
2015-12-09 22:14:46 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 22:14:35 ----ASH---- C:\swapfile.sys
2015-12-09 21:36:44 ----HD---- C:\$WINDOWS.~BT
2015-12-09 21:30:54 ----D---- C:\ESD
2015-12-09 21:15:06 ----HD---- C:\$Windows.~WS
2015-12-09 00:44:10 ----D---- C:\WINDOWS\AutoKMS
2015-12-09 00:36:29 ----D---- C:\Program Files\Common Files\DESIGNER
2015-12-09 00:36:03 ----D---- C:\Program Files\Microsoft Synchronization Services
2015-12-09 00:35:41 ----D---- C:\Program Files\Microsoft Sync Framework
2015-12-09 00:35:41 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2015-12-09 00:32:31 ----D---- C:\Program Files\Microsoft Visual Studio 8
2015-12-09 00:31:40 ----D---- C:\Program Files\Microsoft Analysis Services
2015-12-09 00:31:23 ----D---- C:\ProgramData\Microsoft Help
2015-12-09 00:31:23 ----D---- C:\Program Files\Microsoft Office
2015-12-09 00:31:07 ----RHD---- C:\MSOCache
2015-12-08 22:29:34 ----D---- C:\WINDOWS\system32\MRT
2015-12-08 22:29:28 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-08 22:01:58 ----A---- C:\WINDOWS\system32\netr28u.sys
2015-12-08 22:01:57 ----HD---- C:\Program Files\InstallShield Installation Information
2015-12-08 22:01:05 ----D---- C:\ProgramData\TP-LINK
2015-12-08 21:43:02 ----D---- C:\Users\Dodo\AppData\Roaming\ATI
2015-12-08 21:39:53 ----D---- C:\ProgramData\AMD
2015-12-08 21:39:53 ----D---- C:\Program Files\AMD AVT
2015-12-08 21:39:51 ----D---- C:\Program Files\AMD APP
2015-12-08 21:39:47 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-12-08 21:38:30 ----D---- C:\Program Files\ATI Technologies
2015-12-08 21:38:28 ----D---- C:\Program Files\ATI
2015-12-08 21:26:14 ----D---- C:\AMD
2015-12-08 21:17:42 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-12-08 21:00:37 ----D---- C:\Users\Dodo\AppData\Roaming\Identities
2015-12-08 21:00:27 ----D---- C:\Users\Dodo\AppData\Roaming\Media Center Programs
2015-12-08 20:53:15 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-08 20:50:30 ----SHD---- C:\System Volume Information
2015-12-08 20:50:30 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2015-12-16 01:02:26 ----RD---- C:\Program Files
2015-12-16 01:02:18 ----D---- C:\WINDOWS\Temp
2015-12-16 00:50:00 ----D---- C:\WINDOWS\system32\sru
2015-12-16 00:32:30 ----D---- C:\WINDOWS\System32
2015-12-16 00:31:25 ----SHD---- C:\WINDOWS\Installer
2015-12-16 00:30:52 ----D---- C:\WINDOWS\system32\wbem
2015-12-16 00:30:48 ----RSD---- C:\WINDOWS\Fonts
2015-12-16 00:30:25 ----D---- C:\Windows
2015-12-16 00:28:43 ----D---- C:\Program Files\Common Files
2015-12-15 20:13:16 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-15 19:50:18 ----D---- C:\WINDOWS\AppReadiness
2015-12-15 19:50:12 ----HD---- C:\Program Files\WindowsApps
2015-12-14 01:06:06 ----D---- C:\WINDOWS\INF
2015-12-14 01:03:03 ----D---- C:\WINDOWS\system32\drivers
2015-12-14 01:03:00 ----D---- C:\WINDOWS\debug
2015-12-13 15:08:01 ----D---- C:\WINDOWS\rescache
2015-12-12 23:12:57 ----SD---- C:\ProgramData\Microsoft
2015-12-12 20:49:39 ----D---- C:\WINDOWS\system32\Tasks
2015-12-12 20:23:00 ----D---- C:\WINDOWS\system32\NDF
2015-12-12 15:35:59 ----RD---- C:\WINDOWS\assembly
2015-12-12 15:16:11 ----D---- C:\WINDOWS\Logs
2015-12-12 14:02:38 ----D---- C:\WINDOWS\system32\config
2015-12-12 14:02:37 ----D---- C:\WINDOWS\WinSxS
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\oobe
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\migration
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\en-US
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\Dism
2015-12-12 01:53:00 ----D---- C:\WINDOWS\system32\appraiser
2015-12-12 01:52:58 ----RD---- C:\WINDOWS\PurchaseDialog
2015-12-12 01:52:58 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-12-12 01:52:58 ----D---- C:\WINDOWS\Provisioning
2015-12-12 01:52:58 ----D---- C:\WINDOWS\apppatch
2015-12-12 01:52:58 ----D---- C:\Program Files\Internet Explorer
2015-12-12 01:52:56 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-11 20:11:35 ----D---- C:\WINDOWS\CbsTemp
2015-12-10 14:02:13 ----D---- C:\WINDOWS\Tasks
2015-12-10 13:44:05 ----D---- C:\WINDOWS\system32\WDI
2015-12-10 13:44:03 ----D---- C:\WINDOWS\AppCompat
2015-12-09 23:55:42 ----HD---- C:\ProgramData
2015-12-09 23:26:15 ----HD---- C:\WINDOWS\system32\GroupPolicy
2015-12-09 22:58:50 ----RD---- C:\WINDOWS\DevicesFlow
2015-12-09 22:43:57 ----D---- C:\WINDOWS\OCR
2015-12-09 22:40:17 ----RD---- C:\WINDOWS\PrintDialog
2015-12-09 22:40:15 ----RD---- C:\WINDOWS\MiracastView
2015-12-09 22:34:55 ----D---- C:\WINDOWS\system32\restore
2015-12-09 22:33:21 ----D---- C:\WINDOWS\system32\WinBioDatabase
2015-12-09 22:32:30 ----D---- C:\WINDOWS\Registration
2015-12-09 22:31:20 ----D---- C:\WINDOWS\system32\drivers\etc
2015-12-09 22:31:14 ----D---- C:\WINDOWS\system32\LogFiles
2015-12-09 22:31:11 ----RSD---- C:\WINDOWS\Media
2015-12-09 22:31:01 ----D---- C:\WINDOWS\system32\spool
2015-12-09 22:30:00 ----D---- C:\WINDOWS\system32\catroot2
2015-12-09 22:27:21 ----D---- C:\WINDOWS\system32\OEM
2015-12-09 22:27:21 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-12-09 22:27:21 ----D---- C:\WINDOWS\ShellNew
2015-12-09 22:24:37 ----D---- C:\WINDOWS\system32\IME
2015-12-09 22:24:25 ----D---- C:\WINDOWS\system32\CatRoot
2015-12-09 22:24:23 ----D---- C:\WINDOWS\schemas
2015-12-09 22:24:17 ----D---- C:\WINDOWS\ehome
2015-12-09 22:24:15 ----RD---- C:\Users
2015-12-09 22:24:11 ----SHD---- C:\Program Files\Windows Sidebar
2015-12-09 22:24:10 ----D---- C:\Program Files\Microsoft.NET
2015-12-09 22:24:10 ----D---- C:\Program Files\Microsoft Games
2015-12-09 22:24:09 ----D---- C:\Program Files\DVD Maker
2015-12-09 22:24:09 ----D---- C:\Program Files\Common Files\System
2015-12-09 22:24:09 ----D---- C:\Program Files\Common Files\microsoft shared
2015-12-09 22:23:14 ----D---- C:\WINDOWS\system32\Recovery
2015-12-09 22:19:35 ----D---- C:\WINDOWS\system32\Sysprep
2015-12-09 22:14:57 ----D---- C:\WINDOWS\ServiceProfiles
2015-12-09 00:31:50 ----A---- C:\WINDOWS\win.ini
2015-12-08 21:00:35 ----SHD---- C:\$Recycle.Bin
2015-12-08 20:51:07 ----D---- C:\WINDOWS\CSC
2015-12-01 01:33:29 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\System32\drivers\vwififlt.sys [2015-10-30 62976]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 ALCXWDM;@oem3.inf,%AC97AUD.SvcDesc%;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-01-13 10070016]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-01-13 290304]
R3 AtiHDAudioService;@oem2.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 netr28u;@netr28u.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\drivers\netr28u.sys [2015-10-30 1800704]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\System32\drivers\vwifimp.sys [2015-10-30 30208]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 96768]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-10-30 200032]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2015-10-30 92672]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2015-10-30 48640]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-10-30 184832]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 24064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-01-13 217088]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 OneSyncSvc_3688558;Sync Host_3688558; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-10 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-10 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3688558;MessagingService_3688558; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_3688558;Contact Data_3688558; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_3688558;User Data Storage_3688558; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc_3688558;User Data Access_3688558; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#4 Post by Roli »

VLADKO123456 wrote: Peter Kmoško of Microsoft Slovakia says: “Anyone who uses an illegal, non-activated copy of Windows cannot activate it as a full-fledged Windows 10. The user interface will show a prominent watermark at the bottom right informing about the illegality, and the computer will have limited functionality. If someone buys such a computer, they should return it immediately.”
Since I have activated Windows 10, it is therefore clear that I am not using illegal software... Please correct me if I am wrong...
If the genuine validation passed, the system should be legal, but that crack is still there, and that would mean an illegal Office.

So there is a choice: either I delete the crack and we'll see what happens, or you uninstall Office.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#5 Post by VLADKO123456 »

I'll uninstall Office :)

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#6 Post by Roli »

VLADKO123456 wrote: I'll uninstall Office :)
Good, and then post a current Rsit log here.

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#7 Post by VLADKO123456 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dodo at 2015-12-20 04:27:13
Microsoft Windows 10 Pro
System drive C: has 444 GB (93%) free of 476 GB
Total RAM: 2048 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:28:38, on 20. 12. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\SOUNDMAN.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.5.0_x86__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\Windows\System32\wuapihost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Dodo\Downloads\RSIT.exe
C:\Program Files\trend micro\Dodo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 3967 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2009-04-14 604704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD AVT]
Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-18 02:14:32 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-17 23:50:33 ----SHD---- C:\Config.Msi
2015-12-17 23:47:00 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2015-12-17 23:46:54 ----A---- C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-17 23:46:54 ----A---- C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-17 23:46:53 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2015-12-17 23:46:49 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2015-12-17 23:46:47 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-17 23:46:47 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-17 23:46:47 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2015-12-17 23:46:47 ----A---- C:\WINDOWS\system32\Wwanpref.dll
2015-12-17 23:46:47 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-12-17 23:46:47 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-12-17 23:46:46 ----A---- C:\WINDOWS\system32\wwapi.dll
2015-12-17 23:46:46 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-12-17 23:46:46 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2015-12-17 23:46:46 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-12-17 23:46:46 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-12-17 23:46:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\win32k.sys
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\wimserv.exe
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\wimgapi.dll
2015-12-17 23:46:45 ----A---- C:\WINDOWS\system32\drivers\wimmount.sys
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\wups2.dll
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\wifitask.exe
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-12-17 23:46:44 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-12-17 23:46:43 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-12-17 23:46:43 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-12-17 23:46:43 ----A---- C:\WINDOWS\system32\user32.dll
2015-12-17 23:46:43 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-12-17 23:46:43 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-12-17 23:46:42 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-12-17 23:46:42 ----A---- C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-17 23:46:42 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-17 23:46:42 ----A---- C:\WINDOWS\system32\twinui.dll
2015-12-17 23:46:42 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-17 23:46:41 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2015-12-17 23:46:41 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2015-12-17 23:46:41 ----A---- C:\WINDOWS\system32\drivers\tdx.sys
2015-12-17 23:46:36 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-12-17 23:46:35 ----A---- C:\WINDOWS\system32\StorSvc.dll
2015-12-17 23:46:35 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2015-12-17 23:46:35 ----A---- C:\WINDOWS\system32\SRH.dll
2015-12-17 23:46:35 ----A---- C:\WINDOWS\system32\shutdownux.dll
2015-12-17 23:46:34 ----A---- C:\WINDOWS\system32\shell32.dll
2015-12-17 23:46:33 ----A---- C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-17 23:46:33 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-17 23:46:33 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-17 23:46:33 ----A---- C:\WINDOWS\system32\SensorService.dll
2015-12-17 23:46:33 ----A---- C:\WINDOWS\system32\cryptngc.dll
2015-12-17 23:46:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-12-17 23:46:32 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-12-17 23:46:32 ----A---- C:\WINDOWS\system32\jscript.dll
2015-12-17 23:46:32 ----A---- C:\WINDOWS\system32\fveapibase.dll
2015-12-17 23:46:32 ----A---- C:\WINDOWS\system32\fveapi.dll
2015-12-17 23:46:31 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-17 23:46:31 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-17 23:46:04 ----A---- C:\WINDOWS\system32\wshrm.dll
2015-12-17 23:46:04 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-12-17 23:46:04 ----A---- C:\WINDOWS\system32\services.exe
2015-12-17 23:46:04 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys
2015-12-17 23:46:02 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-17 23:46:02 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-17 23:46:02 ----A---- C:\WINDOWS\system32\provtool.exe
2015-12-17 23:46:02 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\provops.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\provhandlers.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\provengine.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\provdatastore.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-12-17 23:46:01 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-12-17 23:46:00 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-12-17 23:46:00 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2015-12-17 23:46:00 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-17 23:45:59 ----A---- C:\WINDOWS\system32\wpncore.dll
2015-12-17 23:45:59 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-17 23:45:59 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2015-12-17 23:45:54 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-12-17 23:45:53 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-12-17 23:45:53 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-17 23:45:53 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2015-12-17 23:45:52 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-17 23:45:52 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-17 23:45:52 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2015-12-17 23:45:52 ----A---- C:\WINDOWS\system32\mssign32.dll
2015-12-17 23:45:52 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-12-17 23:45:52 ----A---- C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-17 23:45:51 ----A---- C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-17 23:45:51 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-12-17 23:45:51 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-12-17 23:45:49 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-17 23:45:49 ----A---- C:\WINDOWS\system32\mfreadwrite.dll
2015-12-17 23:45:49 ----A---- C:\WINDOWS\system32\MFPlay.dll
2015-12-17 23:45:48 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-12-17 23:45:48 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2015-12-17 23:45:48 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-17 23:45:48 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-17 23:45:48 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-17 23:45:47 ----A---- C:\WINDOWS\system32\mfps.dll
2015-12-17 23:45:47 ----A---- C:\WINDOWS\system32\mfpmp.exe
2015-12-17 23:45:47 ----A---- C:\WINDOWS\system32\mfds.dll
2015-12-17 23:45:47 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-12-17 23:45:47 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\NmaDirect.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\NMAA.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\nativemap.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\MosStorage.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\MosResource.dll
2015-12-17 23:45:46 ----A---- C:\WINDOWS\system32\mf.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\moshostcore.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\moshost.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\mos.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-17 23:45:45 ----A---- C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\mapstoasttask.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-17 23:45:44 ----A---- C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-17 23:45:43 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-12-17 23:45:43 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-12-17 23:45:43 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-12-17 23:45:43 ----A---- C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-17 23:45:43 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-12-17 23:45:42 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-17 23:45:42 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-17 23:45:42 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-12-17 23:45:42 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-17 23:45:41 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2015-12-17 23:45:41 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-12-17 23:45:41 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-12-17 23:45:41 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-12-17 23:45:41 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-12-17 23:45:40 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2015-12-17 23:45:40 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-17 23:45:39 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-17 23:45:39 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2015-12-17 23:45:39 ----A---- C:\WINDOWS\system32\InputService.dll
2015-12-17 23:45:38 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-17 23:45:30 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-17 23:45:28 ----A---- C:\WINDOWS\system32\readingviewresources.dll
2015-12-17 23:45:24 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-12-17 23:45:20 ----A---- C:\WINDOWS\system32\iesetup.dll
2015-12-17 23:45:20 ----A---- C:\WINDOWS\system32\iernonce.dll
2015-12-17 23:45:20 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-12-17 23:45:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-12-17 23:45:15 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-12-17 23:45:14 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-12-17 23:45:13 ----A---- C:\WINDOWS\system32\wininetlui.dll
2015-12-17 23:45:13 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-12-17 23:45:12 ----A---- C:\WINDOWS\system32\wininet.dll
2015-12-17 23:45:12 ----A---- C:\WINDOWS\system32\jsproxy.dll
2015-12-17 23:45:09 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-12-17 23:45:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-12-17 23:45:06 ----A---- C:\WINDOWS\system32\lpk.dll
2015-12-17 23:45:05 ----A---- C:\WINDOWS\system32\fontsub.dll
2015-12-17 23:45:05 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-12-17 23:45:05 ----A---- C:\WINDOWS\system32\dciman32.dll
2015-12-17 23:45:05 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-12-17 23:45:05 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-12-17 23:45:04 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-17 23:45:04 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-12-17 23:45:04 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2015-12-17 23:45:04 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-12-17 23:45:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-17 23:45:03 ----A---- C:\WINDOWS\system32\MDEServer.exe
2015-12-17 23:45:03 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-12-17 23:45:03 ----A---- C:\WINDOWS\system32\d3d11.dll
2015-12-17 23:45:02 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-17 23:45:02 ----A---- C:\WINDOWS\system32\qdvd.dll
2015-12-17 23:45:02 ----A---- C:\WINDOWS\system32\dialserver.dll
2015-12-17 23:45:02 ----A---- C:\WINDOWS\system32\dcomp.dll
2015-12-17 23:45:01 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2015-12-17 23:45:01 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2015-12-17 23:44:58 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-12-17 23:44:57 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-17 23:44:52 ----A---- C:\WINDOWS\system32\policymanager.dll
2015-12-17 23:44:50 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-12-17 23:44:49 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 23:44:48 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-12-17 23:44:47 ----A---- C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-17 23:44:47 ----A---- C:\WINDOWS\system32\cdp.dll
2015-12-17 23:44:22 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-17 23:44:19 ----A---- C:\WINDOWS\system32\comsvcs.dll
2015-12-17 23:44:19 ----A---- C:\WINDOWS\system32\catsrvut.dll
2015-12-17 23:44:16 ----A---- C:\WINDOWS\system32\wsplib.dll
2015-12-17 23:44:15 ----A---- C:\WINDOWS\system32\rilproxy.dll
2015-12-17 23:44:15 ----A---- C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-17 23:44:15 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-12-17 23:43:31 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-17 23:43:31 ----A---- C:\WINDOWS\system32\EncDump.dll
2015-12-17 23:43:31 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-12-17 23:43:30 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2015-12-17 23:43:30 ----A---- C:\WINDOWS\system32\AudioSes.dll
2015-12-17 23:43:30 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-17 23:43:30 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-12-17 23:43:30 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-17 23:43:30 ----A---- C:\WINDOWS\system32\audiodg.exe
2015-12-17 23:43:29 ----A---- C:\WINDOWS\system32\authui.dll
2015-12-17 23:43:29 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-12-17 23:43:27 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-17 23:43:27 ----A---- C:\WINDOWS\system32\usermgr.dll
2015-12-17 23:43:27 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-12-17 23:43:26 ----A---- C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-17 23:43:26 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2015-12-17 23:43:26 ----A---- C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-17 23:43:26 ----A---- C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-17 23:43:26 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2015-12-17 23:43:25 ----A---- C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-17 23:43:25 ----A---- C:\WINDOWS\system32\AppCapture.dll
2015-12-17 23:43:13 ----A---- C:\WINDOWS\system32\drivers\capimg.sys
2015-12-16 16:08:53 ----AD---- C:\Program Files\CCleaner
2015-12-16 14:06:57 ----D---- C:\WINDOWS\Minidump
2015-12-16 08:16:10 ----HD---- C:\$SysReset
2015-12-16 06:45:51 ----D---- C:\inetpub
2015-12-16 01:45:07 ----D---- C:\AdwCleaner
2015-12-16 01:02:26 ----D---- C:\Program Files\trend micro
2015-12-16 01:02:25 ----D---- C:\rsit
2015-12-11 20:42:26 ----D---- C:\WINDOWS\system32\SleepStudy
2015-12-11 20:13:05 ----D---- C:\Program Files\pidgin-otr
2015-12-11 19:58:12 ----D---- C:\Users\Dodo\AppData\Roaming\.purple
2015-12-11 19:57:29 ----D---- C:\Program Files\Pidgin
2015-12-10 13:54:41 ----D---- C:\Program Files\Google
2015-12-10 07:13:53 ----DC---- C:\WINDOWS\Panther
2015-12-10 07:10:25 ----D---- C:\Windows.old
2015-12-10 07:09:35 ----D---- C:\WINDOWS\system32\Microsoft
2015-12-10 07:08:21 ----D---- C:\Program Files\Reference Assemblies
2015-12-10 07:08:21 ----D---- C:\Program Files\MSBuild
2015-12-10 07:07:50 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-10 07:07:50 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-10 07:07:50 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-09 23:08:08 ----D---- C:\Users\Dodo\AppData\Roaming\Macromedia
2015-12-09 22:44:10 ----D---- C:\ProgramData\Microsoft OneDrive
2015-12-09 22:43:50 ----A---- C:\WINDOWS\system32\NlsLexicons001b.dll
2015-12-09 22:43:50 ----A---- C:\WINDOWS\system32\NlsData001b.dll
2015-12-09 22:43:50 ----A---- C:\WINDOWS\system32\MLS2.dll
2015-12-09 22:38:45 ----D---- C:\Users\Dodo\AppData\Roaming\Adobe
2015-12-09 22:33:50 ----D---- C:\ProgramData\USOShared
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Templates
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Start Menu
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Favorites
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Documents
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Desktop
2015-12-09 22:33:32 ----SHD---- C:\ProgramData\Application Data
2015-12-09 22:33:31 ----SHD---- C:\Recovery
2015-12-09 22:33:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-09 22:31:27 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2015-12-09 22:28:08 ----ASH---- C:\hiberfil.sys
2015-12-09 22:24:09 ----D---- C:\Program Files\Common Files\SpeechEngines
2015-12-09 22:22:25 ----SD---- C:\Users\Dodo\AppData\Roaming\Microsoft
2015-12-09 22:17:21 ----AS---- C:\WINDOWS\bootstat.dat
2015-12-09 22:16:48 ----D---- C:\WINDOWS\Prefetch
2015-12-09 22:14:35 ----ASH---- C:\swapfile.sys
2015-12-09 21:36:44 ----HD---- C:\$WINDOWS.~BT
2015-12-09 21:30:54 ----D---- C:\ESD
2015-12-09 21:15:06 ----HD---- C:\$Windows.~WS
2015-12-09 00:44:10 ----D---- C:\WINDOWS\AutoKMS
2015-12-09 00:31:23 ----D---- C:\ProgramData\Microsoft Help
2015-12-08 22:29:34 ----D---- C:\WINDOWS\system32\MRT
2015-12-08 22:29:28 ----A---- C:\WINDOWS\system32\MRT.exe
2015-12-08 22:01:58 ----A---- C:\WINDOWS\system32\netr28u.sys
2015-12-08 22:01:57 ----HD---- C:\Program Files\InstallShield Installation Information
2015-12-08 22:01:05 ----D---- C:\ProgramData\TP-LINK
2015-12-08 21:43:02 ----D---- C:\Users\Dodo\AppData\Roaming\ATI
2015-12-08 21:39:53 ----D---- C:\ProgramData\AMD
2015-12-08 21:39:53 ----D---- C:\Program Files\AMD AVT
2015-12-08 21:39:51 ----D---- C:\Program Files\AMD APP
2015-12-08 21:39:47 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-12-08 21:38:30 ----D---- C:\Program Files\ATI Technologies
2015-12-08 21:38:28 ----D---- C:\Program Files\ATI
2015-12-08 21:26:14 ----D---- C:\AMD
2015-12-08 21:17:42 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-12-08 21:00:37 ----D---- C:\Users\Dodo\AppData\Roaming\Identities
2015-12-08 21:00:27 ----D---- C:\Users\Dodo\AppData\Roaming\Media Center Programs
2015-12-08 20:53:15 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-08 20:50:30 ----SHD---- C:\System Volume Information
2015-12-08 20:50:30 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2015-12-20 04:26:16 ----D---- C:\WINDOWS\Temp
2015-12-20 04:05:32 ----D---- C:\WINDOWS\Microsoft.NET
2015-12-20 04:02:00 ----RD---- C:\WINDOWS\assembly
2015-12-20 03:49:39 ----D---- C:\WINDOWS\system32\config
2015-12-20 03:42:00 ----D---- C:\WINDOWS\System32
2015-12-20 03:42:00 ----D---- C:\WINDOWS\INF
2015-12-20 03:38:18 ----D---- C:\WINDOWS\WinSxS
2015-12-19 23:55:19 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\oobe
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\migration
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\en-US
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\drivers
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\Dism
2015-12-19 23:55:18 ----D---- C:\WINDOWS\system32\appraiser
2015-12-19 23:55:17 ----RD---- C:\WINDOWS\PurchaseDialog
2015-12-19 23:55:17 ----D---- C:\WINDOWS\Provisioning
2015-12-19 23:55:16 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-12-19 23:55:16 ----D---- C:\WINDOWS\bcastdvr
2015-12-19 23:55:16 ----D---- C:\WINDOWS\apppatch
2015-12-19 23:55:16 ----D---- C:\Program Files\Internet Explorer
2015-12-19 23:55:14 ----D---- C:\WINDOWS\system32\DriverStore
2015-12-19 22:57:00 ----D---- C:\WINDOWS\system32\sru
2015-12-19 20:01:59 ----D---- C:\WINDOWS\AppReadiness
2015-12-19 20:01:58 ----HD---- C:\Program Files\WindowsApps
2015-12-19 19:57:24 ----D---- C:\Windows
2015-12-18 05:49:28 ----D---- C:\WINDOWS\CbsTemp
2015-12-17 23:55:36 ----SHD---- C:\WINDOWS\Installer
2015-12-17 23:54:02 ----SD---- C:\ProgramData\Microsoft
2015-12-17 23:54:02 ----RD---- C:\Program Files
2015-12-17 23:54:01 ----D---- C:\Program Files\Microsoft.NET
2015-12-17 23:54:01 ----D---- C:\Program Files\Common Files\microsoft shared
2015-12-17 23:53:17 ----RSD---- C:\WINDOWS\Fonts
2015-12-17 23:53:02 ----D---- C:\WINDOWS\ShellNew
2015-12-17 23:52:48 ----D---- C:\Program Files\Common Files
2015-12-17 23:50:27 ----D---- C:\Program Files\Common Files\System
2015-12-17 23:50:27 ----A---- C:\WINDOWS\win.ini
2015-12-17 23:17:11 ----D---- C:\WINDOWS\system32\catroot2
2015-12-17 00:25:31 ----SHD---- C:\$Recycle.Bin
2015-12-16 16:11:50 ----D---- C:\WINDOWS\debug
2015-12-16 16:09:15 ----D---- C:\WINDOWS\system32\Tasks
2015-12-16 08:35:19 ----D---- C:\WINDOWS\system32\WDI
2015-12-16 08:16:18 ----D---- C:\WINDOWS\Logs
2015-12-16 08:09:53 ----D---- C:\WINDOWS\Tasks
2015-12-16 07:54:20 ----D---- C:\WINDOWS\system32\wbem
2015-12-16 07:53:01 ----D---- C:\WINDOWS\system32\drivers\etc
2015-12-16 07:52:55 ----D---- C:\WINDOWS\system32\WinMetadata
2015-12-16 07:52:55 ----D---- C:\WINDOWS\system32\setup
2015-12-16 07:52:55 ----D---- C:\WINDOWS\system32\drivers\en-US
2015-12-16 07:52:55 ----D---- C:\WINDOWS\System
2015-12-16 07:52:55 ----D---- C:\WINDOWS\PolicyDefinitions
2015-12-16 07:52:55 ----D---- C:\WINDOWS\L2Schemas
2015-12-16 07:52:46 ----D---- C:\WINDOWS\addins
2015-12-16 07:52:46 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-12-16 07:52:46 ----D---- C:\Program Files\Windows Media Player
2015-12-16 07:52:32 ----HD---- C:\WINDOWS\system32\GroupPolicy
2015-12-16 07:52:32 ----D---- C:\WINDOWS\system32\Sysprep
2015-12-16 07:52:32 ----D---- C:\WINDOWS\system32\Macromed
2015-12-16 07:52:32 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-12-16 07:52:31 ----D---- C:\WINDOWS\servicing
2015-12-16 07:52:31 ----D---- C:\WINDOWS\security
2015-12-16 07:52:31 ----D---- C:\WINDOWS\rescache
2015-12-16 07:52:00 ----D---- C:\WINDOWS\Branding
2015-12-16 07:51:54 ----HD---- C:\ProgramData
2015-12-16 07:50:54 ----D---- C:\WINDOWS\system32\inetsrv
2015-12-16 07:45:10 ----D---- C:\WINDOWS\registration
2015-12-16 07:40:41 ----D---- C:\WINDOWS\AppCompat
2015-12-12 20:23:00 ----D---- C:\WINDOWS\system32\NDF
2015-12-09 22:58:50 ----RD---- C:\WINDOWS\DevicesFlow
2015-12-09 22:43:57 ----D---- C:\WINDOWS\OCR
2015-12-09 22:40:17 ----RD---- C:\WINDOWS\PrintDialog
2015-12-09 22:40:15 ----RD---- C:\WINDOWS\MiracastView
2015-12-09 22:34:55 ----D---- C:\WINDOWS\system32\restore
2015-12-09 22:33:50 ----D---- C:\ProgramData\USOPrivate
2015-12-09 22:33:21 ----D---- C:\WINDOWS\system32\WinBioDatabase
2015-12-09 22:31:14 ----D---- C:\WINDOWS\system32\LogFiles
2015-12-09 22:31:11 ----RSD---- C:\WINDOWS\Media
2015-12-09 22:31:01 ----D---- C:\WINDOWS\system32\spool
2015-12-09 22:27:21 ----D---- C:\WINDOWS\system32\OEM
2015-12-09 22:24:37 ----D---- C:\WINDOWS\system32\IME
2015-12-09 22:24:25 ----D---- C:\WINDOWS\system32\CatRoot
2015-12-09 22:24:23 ----D---- C:\WINDOWS\schemas
2015-12-09 22:24:17 ----D---- C:\WINDOWS\ehome
2015-12-09 22:24:15 ----RD---- C:\Users
2015-12-09 22:24:11 ----SHD---- C:\Program Files\Windows Sidebar
2015-12-09 22:24:10 ----D---- C:\Program Files\Microsoft Games
2015-12-09 22:24:09 ----D---- C:\Program Files\DVD Maker
2015-12-09 22:23:14 ----D---- C:\WINDOWS\system32\Recovery
2015-12-09 22:14:57 ----D---- C:\WINDOWS\ServiceProfiles
2015-12-08 20:51:07 ----D---- C:\WINDOWS\CSC
2015-12-01 01:33:29 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 MpKsl3d8775c4;MpKsl3d8775c4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3DB2FF3A-4FC3-4FF9-8BBC-C4520F87E499}\MpKsl3d8775c4.sys [2015-12-20 39168]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 ALCXWDM;@oem3.inf,%AC97AUD.SvcDesc%;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-01-13 10070016]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-01-13 290304]
R3 AtiHDAudioService;@oem2.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 netr28u;@netr28u.inf,%Generic.Service.DispName%;RT2870 USB Extensible Wireless LAN Card Driver; C:\WINDOWS\System32\drivers\netr28u.sys [2015-10-30 1800704]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2015-10-30 92672]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-10-30 184832]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 96768]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-10-30 200032]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2015-10-30 48640]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 24064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-01-13 217088]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 OneSyncSvc_46de3;Sync Host_46de3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_3a5e6;Sync Host_3a5e6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_87e9b;Sync Host_87e9b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-16 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3a5e6;MessagingService_3a5e6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_46de3;MessagingService_46de3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_87e9b;MessagingService_87e9b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_3a5e6;Contact Data_3a5e6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_46de3;Contact Data_46de3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_87e9b;Contact Data_87e9b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_3a5e6;User Data Storage_3a5e6; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_46de3;User Data Storage_46de3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_87e9b;User Data Storage_87e9b; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc_3a5e6;User Data Access_3a5e6; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc_46de3;User Data Access_46de3; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 UserDataSvc_87e9b;User Data Access_87e9b; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#8 Post by Roli »

Press the Windows + R keys; in the Run window type services.msc and press Enter. Find these services:

Služba Google Update (gupdate)
Služba Google Update (gupdatem)


Double-clicking opens the properties dialog; there, first stop the service with the Stop (Zastavit) button, then under Startup type (Typ spouštění) select Disabled (Zakázáno) and click OK.


Download and run OTMoveIt

Into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

:processes
explorer.exe       

:files
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\AutoKMS

:commands
[purity]
[emptytemp]
[start explorer]

Click MoveIt! and the right-hand green pane of the application will show information about the action performed; copy the contents of that pane here.

If the application asks for a restart, click YES.

In that case, copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\

| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#9 Post by VLADKO123456 »

All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\AutoKMS folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default.migrated

User: Dodo
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 9440 bytes
->Google Chrome cache emptied: 80781279 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16726 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 77,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12222015_181536

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#10 Post by Roli »

Run OTMoveIt again and click CleanUP! at the top of the application.

This makes it clean up after itself.


That should be it, so if there is no problem with the PC, that is all from my side.

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#11 Post by VLADKO123456 »

I did what you wrote and suddenly nothing will start: Microsoft Edge, Store, Windows Explorer, apps, and so on... I cannot open any downloaded picture or document from the internet, which I could just about understand, since copyright law applies to everything. What puzzles me, though, is that I cannot even open a picture created by its author, who sent it to me by e-mail with his consent to publish it... I tried CTRL + SHIFT + right-click on the taskbar, then Exit Explorer and restarting it, and still nothing. Could you advise me? Thank you in advance.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#12 Post by Roli »

I don't understand that; apart from deleting the crack we did nothing that could have caused this, and I understand even less why you cannot open any picture at all.

Did you install or uninstall any software before this happened?

Did it happen only after the crack was deleted?

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#13 Post by VLADKO123456 »

After the crack was deleted it worked normally, as it should; it happened right after I ran OTMoveIt and chose CleanUP: a reboot took place, and it started immediately after that. I did not install any programs. I uninstalled some game; I don't even know how it appeared among the programs. Its name was Candy Crush Saga.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: 6 infiltrations and who knows what else

#14 Post by Roli »

Try going back via a restore point to before the OTMoveIt uninstall (CleanUP!).

It really is strange, though.

VLADKO123456
Visitor
Posts: 8
Registered: 01 Aug 2015 14:19

Re: 6 infiltrations and who knows what else

#15 Post by VLADKO123456 »

That was the first thing I tried, but every single restore point ended with an error, and since I moved to Windows 10 less than a month ago, only 3 restore points were offered. For example, when I want to open a jpg, a warning window pops up with a red circle containing an X, C:\Users\Dodo\Downloads\plachta 2x1a.jpg, and below it "The app didn't start." It says the same for Microsoft Edge and Store. In fact nothing on the bottom bar, from Start to the clock (both included), will launch. Another thing I found is that at PC startup I have, under Active Connections, Local Address MyiP:53183, Foreign Address 191.232.139.126:443, State ESTABLISHED, PID explorer.exe
Can that explorer.exe be reset somehow :roll: or something, so that the connection goes away?
Many thanks for any advice you can give.
