
Please check my logs, slow laptop


#1 Post by Buchtanen »

Hello,
please check my logs; the computer is slow.

System startup is fine, but after the user logs in it takes a long time before the computer starts responding.
Launching applications is slow; some applications (IDE NetBeans, Eclipse) report long inactivity, and when switching to them from other applications they often do not respond for a minute or longer.
Google Chrome is the same: when switching pages they often do not respond, and likewise when changing tabs.
Addition:
After system startup, Comodo Internet Security does not start; it reports an error and has to be started manually.
The disk has been checked and appears to be fine.
Device Manager: everything is fine there.
In the Event Viewer, the System and Application logs show no errors, nothing to go on.
When shutting down, it takes a long time for the system to close running applications, but it does not list any.

The RSIT and FRST logs are attached...
Before scanning, the laptop was cleaned with the latest version of CCleaner.

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Buchtanen at 2016-03-24 13:40:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 310 GB (67%) free of 461 GB
Total RAM: 8174 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:40:15, on 24.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\Buchtanen\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Atlassian\SourceTree\tools\putty\pageant.exe
C:\Program Files (x86)\Google\Drive\nativeproxy.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Drive\nativeproxy.exe
C:\Program Files\trend micro\Buchtanen.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Buchtanen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{359E4F5A-1A40-464B-BD4A-2AF301A56293}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACBD22E6-654D-4F0C-A748-E286FD72D030}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = fw.quinta.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = fw.quinta.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = fw.quinta.cz
O20 - AppInit_DLLs: c:\windows\syswow64\guard32.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Programs Manager Service (CPMService) - Unknown owner - C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe
O23 - Service: COMODO System Utilities Service (CSUService) - Comodo Security Solutions, Inc. - C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL57 - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12144 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
taskeng.exe {9B60D98C-F0F5-491E-A70A-B8B4EFA6D810}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\CISVC.EXE
"C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.7\my.ini" MySQL57
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\Windows\System32\tcpsvcs.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Users\Buchtanen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe" --shortcut
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Atlassian\SourceTree\tools\putty\pageant.exe"
\??\C:\Windows\system32\conhost.exe "8224112221235606134-1605460098-1604084404-268211206-2811622721461752688606349997
"C:\Program Files (x86)\Google\Drive\nativeproxy.exe" --parent-window=0 chrome-extension://lmjegmlicamnimmfhcmpkclmigmmcbeh/
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled

C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Google\Drive\nativeproxy.exe" --parent-window=0 chrome-extension://lmjegmlicamnimmfhcmpkclmigmmcbeh/ < \\.\pipe\chrome.nativeMessaging.in.d22a6fc52130ea16 > \\.\pipe\chrome.nativeMessaging.out.d22a6fc52130ea16
\??\C:\Windows\system32\conhost.exe "8451406881357240112-5651755194493512302051408195-364374017-146952474746898264
"C:\Program Files (x86)\Google\Drive\nativeproxy.exe" --parent-window=0 chrome-extension://lmjegmlicamnimmfhcmpkclmigmmcbeh/
taskeng.exe {EF17204C-CC99-4324-8BB0-C5385C3FE49F}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe40_ Global\UsGthrCtrlFltPipeMssGthrPipe40 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\Users\Buchtanen\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 880 884 892 65536 888

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default

prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q="
prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=en-ww"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.73.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.73.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\components\
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npBitCometAgent.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-21 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-21 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-11-26 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-21 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2010-11-26 379040]
"IAStorIcon"=c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [2010-09-14 283160]
"RTHDVCPL"=c:\program files\realtek\audio\hda\ravcpl64.exe [2013-11-29 13662936]
"NUSB3MON"=c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe [2010-04-27 113288]
"LManager"=c:\program files (x86)\launch manager\lmanager.exe [2010-12-09 1025616]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-01 2280232]
"SunJavaUpdateSched"=c:\program files (x86)\common files\java\java update\jusched.exe [2016-01-29 594992]
"AtherosBtStack"=c:\program files (x86)\bluetooth suite\btvstack.exe [2010-11-26 613536]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-03-24 1610936]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Buchtanen\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-13 144200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-03-13 23260000]
"AdobeBridge"= []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-03-02 7943072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-12-17 50378880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-12-14 3013712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2012-06-28 74752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2016-02-01 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2016-02-01 2904984]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2015-12-23 759696]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\91838446.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\91838446.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.lags"=lagarith.dll
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open -

======List of files/folders created in the last 3 months======

2016-03-24 13:38:59 ----D---- C:\rsit
2016-03-24 13:37:36 ----D---- C:\FRST
2016-03-17 14:58:10 ----D---- C:\Users\Buchtanen\AppData\Roaming\Atom
2016-03-15 21:40:32 ----D---- C:\Program Files (x86)\HD Tune
2016-03-15 13:10:30 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-09 14:05:12 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 14:05:12 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 14:05:12 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 14:05:12 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 14:05:12 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 14:05:12 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 14:05:12 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 14:05:11 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 14:05:11 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 14:05:11 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 14:05:11 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 14:05:11 ----A---- C:\Windows\system32\wups.dll
2016-03-09 14:05:11 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 14:05:11 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 14:05:11 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 14:05:11 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 14:04:53 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 14:04:50 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 14:04:46 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 14:04:43 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 14:04:43 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 14:04:43 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 14:04:42 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 14:04:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 14:04:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 14:04:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 14:04:07 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 14:04:07 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 14:04:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 14:04:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 14:04:06 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 14:04:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 14:04:05 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 14:04:05 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 14:04:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 14:04:05 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 14:04:05 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 14:04:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 14:04:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 14:04:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 14:04:03 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 14:04:03 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 14:04:03 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 14:04:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 14:04:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 14:04:00 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 14:04:00 ----A---- C:\Windows\system32\occache.dll
2016-03-09 14:04:00 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 14:03:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 14:03:59 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 14:03:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 14:03:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 14:03:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 14:03:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 14:03:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 14:03:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 14:03:57 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 14:03:57 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 14:03:56 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 14:03:56 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 14:03:54 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 14:03:54 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 14:03:54 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 14:03:54 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 14:03:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 14:03:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 14:03:53 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 14:03:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 14:03:52 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 14:03:51 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 14:03:50 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 14:03:50 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 14:03:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 14:03:49 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 14:03:49 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 14:03:48 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 14:03:48 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 14:03:47 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 14:03:47 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 14:03:47 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 14:03:45 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 14:03:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 14:03:44 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 14:01:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 14:01:19 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 14:01:18 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 14:01:17 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 14:01:17 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 14:01:17 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 14:01:14 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 14:01:14 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 14:01:12 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 14:01:12 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 14:01:12 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 14:01:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 14:01:10 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 14:01:10 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 14:01:09 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 14:01:09 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 14:01:08 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 14:01:08 ----A---- C:\Windows\system32\smss.exe
2016-03-09 14:01:08 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 14:01:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 14:01:07 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 14:01:07 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 14:01:07 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 14:01:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 14:01:06 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 14:01:06 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 14:01:06 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 14:01:06 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 14:01:06 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 14:01:06 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 14:01:06 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 14:01:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 14:01:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 14:01:05 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 14:01:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 14:01:04 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 14:01:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 14:01:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 14:01:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 14:01:03 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 14:01:03 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 14:01:03 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 14:01:03 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 14:01:02 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 14:01:02 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 14:01:02 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 14:01:02 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 14:01:01 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 14:01:01 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 14:01:01 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 14:01:01 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 14:01:01 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 14:01:00 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 14:01:00 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 14:01:00 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 14:01:00 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 14:00:59 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 14:00:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 14:00:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 14:00:54 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 14:00:53 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 14:00:52 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 14:00:52 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 14:00:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 14:00:51 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 14:00:51 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 14:00:51 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 14:00:51 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 14:00:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 14:00:51 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 14:00:50 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 14:00:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 14:00:49 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 14:00:49 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 14:00:48 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 14:00:48 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 14:00:48 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 13:59:25 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 13:59:24 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 13:59:23 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 13:59:22 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 13:59:22 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 13:59:22 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 13:59:22 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 13:59:21 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 13:59:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 13:59:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 13:59:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 13:59:21 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 13:59:19 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 13:59:17 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 13:59:17 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 13:59:16 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 13:59:16 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 13:59:15 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 13:59:14 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 13:59:14 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 13:58:57 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 13:58:57 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 13:58:57 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 13:58:57 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 13:58:57 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 13:58:57 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 13:58:57 ----A---- C:\Windows\system32\acmigration.dll
2016-03-08 12:54:50 ----D---- C:\Program Files (x86)\Atlassian
2016-03-02 12:29:15 ----D---- C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-02-25 16:39:19 ----HD---- C:\$WINDOWS.~BT
2016-02-25 14:39:33 ----A---- C:\Windows\system32\wdi.dll
2016-02-25 14:39:33 ----A---- C:\Windows\system32\powertracker.dll
2016-02-25 14:39:33 ----A---- C:\Windows\system32\perftrack.dll
2016-02-25 14:39:32 ----A---- C:\Windows\SYSWOW64\wdi.dll
2016-02-25 11:32:57 ----D---- C:\ESD
2016-02-24 22:15:04 ----D---- C:\Windows\CheckSur
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\ucrtbase.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-02-21 21:33:45 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-02-21 21:33:44 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-02-21 21:33:04 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-02-18 09:01:41 ----D---- C:\Program Files (x86)\CIGLER SOFTWARE
2016-02-18 09:01:31 ----D---- C:\ProgramData\CIGLER SOFTWARE
2016-02-10 11:36:03 ----A---- C:\Windows\system32\InkEd.dll
2016-02-10 11:36:02 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-02-10 11:36:00 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-10 11:33:55 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-10 11:33:24 ----A---- C:\Windows\system32\rdpudd.dll
2016-02-10 11:33:24 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-10 11:33:24 ----A---- C:\Windows\system32\rdpcorets.dll
2016-02-10 11:32:33 ----A---- C:\Windows\system32\ole32.dll
2016-02-10 11:32:25 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-02-10 11:30:14 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2016-02-10 11:30:14 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2016-02-10 11:30:14 ----A---- C:\Windows\system32\EncDec.dll
2016-02-10 11:30:14 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-10 11:30:12 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-10 11:30:11 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-02-10 11:30:11 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-02-10 11:28:30 ----A---- C:\Windows\system32\shell32.dll
2016-02-10 11:28:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-02-10 11:28:29 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-02-10 11:28:29 ----A---- C:\Windows\explorer.exe
2016-02-10 11:28:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-02-10 11:28:28 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-02-10 11:28:28 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-10 11:28:28 ----A---- C:\Windows\system32\authui.dll
2016-02-03 11:11:38 ----D---- C:\perflogs
2016-02-02 22:07:26 ----D---- C:\Program Files (x86)\GUM745B.tmp
2016-02-02 01:26:16 ----D---- C:\ProgramData\Licenses
2016-02-02 01:25:53 ----A---- C:\Windows\SYSWOW64\MSSTDFMT.DLL
2016-02-02 00:05:42 ----D---- C:\Users\Buchtanen\AppData\Roaming\SUPERAntiSpyware.com
2016-02-02 00:04:56 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2016-02-02 00:04:56 ----D---- C:\Program Files\SUPERAntiSpyware
2016-02-01 22:27:38 ----D---- C:\Users\Buchtanen\AppData\Roaming\PACE Anti-Piracy
2016-02-01 22:27:38 ----D---- C:\ProgramData\PACE Anti-Piracy
2016-02-01 22:27:38 ----A---- C:\Windows\SurCode.INI
2016-02-01 22:27:37 ----D---- C:\Program Files\Common Files\PACE Anti-Piracy
2016-02-01 22:22:49 ----D---- C:\Users\Buchtanen\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2016-02-01 22:00:58 ----D---- C:\Users\Buchtanen\AppData\Roaming\com.adobe.WidgetBrowser
2016-02-01 21:49:30 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-02-01 21:26:48 ----D---- C:\ProgramData\ALM
2016-02-01 20:52:50 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2016-02-01 20:52:50 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2016-02-01 20:52:38 ----D---- C:\Program Files (x86)\My Company Name
2016-02-01 19:47:12 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2016-02-01 19:47:12 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2016-02-01 19:47:12 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2016-02-01 19:47:12 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2016-02-01 19:47:12 ----A---- C:\Windows\system32\nlsbres.dll
2016-02-01 19:47:12 ----A---- C:\Windows\system32\kbdgeoqw.dll
2016-02-01 19:47:12 ----A---- C:\Windows\system32\KBDAZEL.DLL
2016-02-01 19:47:12 ----A---- C:\Windows\system32\KBDAZE.DLL
2016-01-30 03:38:32 ----D---- C:\Program Files\RogueKiller
2016-01-29 15:35:03 ----D---- C:\Program Files (x86)\PC-Karel
2016-01-29 01:07:36 ----AD---- C:\Windows\vhid
2016-01-29 01:07:36 ----A---- C:\Windows\system32\Default.ini
2016-01-29 01:07:33 ----D---- C:\ProgramData\Tablet
2016-01-20 15:10:14 ----D---- C:\Users\Buchtanen\AppData\Roaming\MySQL
2016-01-20 14:57:21 ----A---- C:\Windows\ODBCINST.INI
2016-01-20 14:56:20 ----D---- C:\Program Files\MySQL
2016-01-20 14:52:29 ----D---- C:\Program Files (x86)\MySQL
2016-01-20 14:52:27 ----D---- C:\ProgramData\MySQL
2016-01-16 04:03:26 ----D---- C:\Program Files (x86)\PuTTY
2016-01-13 17:16:01 ----A---- C:\Windows\SYSWOW64\mapistub.dll
2016-01-13 17:16:01 ----A---- C:\Windows\SYSWOW64\mapi32.dll
2016-01-13 17:16:01 ----A---- C:\Windows\system32\mapistub.dll
2016-01-13 17:16:01 ----A---- C:\Windows\system32\mapi32.dll
2016-01-13 17:16:00 ----A---- C:\Windows\SYSWOW64\fixmapi.exe
2016-01-13 17:16:00 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-13 17:15:56 ----A---- C:\Windows\system32\aepic.dll
2016-01-13 17:15:53 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-13 17:15:53 ----A---- C:\Windows\system32\qedit.dll
2016-01-13 17:15:43 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-13 17:15:42 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-13 17:15:42 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-13 17:15:41 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-13 17:15:41 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-13 17:15:41 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-13 17:15:41 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-13 17:15:41 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 17:15:41 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 17:15:40 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-13 17:15:40 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-13 17:15:40 ----A---- C:\Windows\SYSWOW64\MSMPEG2ENC.DLL
2016-01-13 17:15:40 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-01-13 17:15:40 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-13 17:15:40 ----A---- C:\Windows\system32\mf.dll
2016-01-13 17:15:39 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-13 17:15:39 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-13 17:15:39 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-13 17:15:39 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-13 17:15:39 ----A---- C:\Windows\system32\quartz.dll
2016-01-13 17:15:39 ----A---- C:\Windows\system32\mcmde.dll
2016-01-13 17:15:39 ----A---- C:\Windows\system32\evr.dll
2016-01-13 17:15:39 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-13 17:15:38 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-13 17:15:38 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-13 17:15:38 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2016-01-13 17:15:38 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-13 17:15:38 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-13 17:15:38 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-13 17:15:38 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-13 17:15:38 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 17:15:38 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 17:15:37 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-13 17:15:37 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-01-13 17:15:37 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-13 17:15:37 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 17:15:37 ----A---- C:\Windows\system32\mfplat.dll
2016-01-13 17:15:37 ----A---- C:\Windows\system32\devenum.dll
2016-01-13 17:15:36 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-13 17:15:36 ----A---- C:\Windows\SYSWOW64\qasf.dll
2016-01-13 17:15:36 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-01-13 17:15:36 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-13 17:15:36 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-13 17:15:36 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-13 17:15:35 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-13 17:15:35 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 17:15:35 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-13 17:15:35 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-13 17:15:35 ----A---- C:\Windows\system32\qdvd.dll
2016-01-13 17:15:35 ----A---- C:\Windows\system32\qasf.dll
2016-01-13 17:15:33 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 17:15:32 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-01-13 17:15:32 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-13 17:15:32 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-13 17:15:32 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-13 17:15:32 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-13 17:15:32 ----A---- C:\Windows\system32\mfps.dll
2016-01-13 17:15:31 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-01-13 17:15:31 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-13 17:15:31 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-13 17:15:30 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-01-13 17:15:30 ----A---- C:\Windows\SYSWOW64\ksuser.dll
2016-01-13 17:15:30 ----A---- C:\Windows\system32\mferror.dll
2016-01-13 17:15:30 ----A---- C:\Windows\system32\ksuser.dll
2016-01-13 17:15:30 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-13 17:15:30 ----A---- C:\Windows\system32\drivers\drmk.sys
2016-01-13 17:13:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-13 17:13:21 ----A---- C:\Windows\system32\gdi32.dll
2016-01-13 14:36:33 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-01-13 14:35:42 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-01-13 14:35:41 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-01-13 14:35:41 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-01-13 14:35:40 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-07 18:13:09 ----D---- C:\Users\Buchtanen\AppData\Roaming\Brackets

======List of files/folders modified in the last 3 months======

2016-03-24 13:40:13 ----D---- C:\Program Files\trend micro
2016-03-24 13:37:53 ----D---- C:\Windows
2016-03-24 13:30:28 ----D---- C:\Users\Buchtanen\AppData\Roaming\Notepad++
2016-03-24 13:28:19 ----D---- C:\Windows\system32\LogFiles
2016-03-24 13:28:07 ----D---- C:\Windows\inf
2016-03-24 13:28:06 ----D---- C:\Windows\debug
2016-03-24 13:27:57 ----D---- C:\Windows\Temp
2016-03-24 11:37:56 ----D---- C:\Windows\winsxs
2016-03-24 11:28:31 ----D---- C:\Windows\System32
2016-03-24 11:28:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-24 11:24:52 ----D---- C:\ProgramData\boost_interprocess
2016-03-24 03:28:12 ----HD---- C:\ProgramData
2016-03-24 03:26:54 ----D---- C:\Windows\SysWOW64
2016-03-24 02:34:13 ----D---- C:\Program Files\NetBeans 8.1
2016-03-24 02:28:09 ----A---- C:\Windows\SYSWOW64\log.txt
2016-03-24 02:26:14 ----D---- C:\Windows\Prefetch
2016-03-24 02:25:46 ----D---- C:\Windows\system32\config
2016-03-24 00:15:47 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-23 18:56:48 ----D---- C:\Program Files (x86)\Notepad++
2016-03-23 15:37:04 ----SHD---- C:\Windows\Installer
2016-03-23 00:03:06 ----SHD---- C:\System Volume Information
2016-03-21 20:17:37 ----A---- C:\Windows\system32\cmdcsr.dll
2016-03-21 20:17:25 ----A---- C:\Windows\SYSWOW64\guard32.dll
2016-03-21 20:17:19 ----A---- C:\Windows\system32\guard64.dll
2016-03-21 20:15:25 ----A---- C:\Windows\system32\cmdvrt64.dll
2016-03-21 20:14:31 ----A---- C:\Windows\system32\cmdkbd64.dll
2016-03-21 20:12:37 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2016-03-21 20:11:42 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2016-03-18 18:53:08 ----D---- C:\Users\Buchtanen\AppData\Roaming\npm-cache
2016-03-17 00:29:18 ----D---- C:\Windows\tracing
2016-03-16 14:00:51 ----SHD---- C:\Config.Msi
2016-03-16 14:00:42 ----D---- C:\Windows\system32\drivers
2016-03-16 14:00:41 ----D---- C:\Windows\system32\DriverStore
2016-03-16 14:00:07 ----D---- C:\Program Files (x86)\Cisco
2016-03-15 23:31:46 ----D---- C:\Windows\system32\MRT
2016-03-15 23:12:06 ----A---- C:\Windows\system32\MRT.exe
2016-03-15 21:40:32 ----D---- C:\Program Files (x86)
2016-03-15 20:08:34 ----D---- C:\Windows\Tasks
2016-03-15 15:17:22 ----HD---- C:\VTRoot
2016-03-15 13:10:49 ----A---- C:\Users\Buchtanen\AppData\Roaming\Network Meter_Usage.ini
2016-03-11 14:07:04 ----D---- C:\ProgramData\Cisco
2016-03-10 16:50:04 ----D---- C:\Windows\rescache
2016-03-10 16:24:48 ----D---- C:\Windows\Microsoft.NET
2016-03-10 16:17:46 ----RSD---- C:\Windows\assembly
2016-03-10 13:10:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 13:10:36 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 13:10:33 ----D---- C:\Program Files\Internet Explorer
2016-03-10 13:10:31 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 13:10:08 ----D---- C:\Windows\system32\en-US
2016-03-10 13:10:05 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 13:09:24 ----D---- C:\Windows\AppPatch
2016-03-10 13:09:01 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-10 13:07:47 ----D---- C:\Program Files\Windows Media Player
2016-03-10 12:43:20 ----D---- C:\Windows\system32\appraiser
2016-03-09 14:17:44 ----D---- C:\Program Files (x86)\Opera Next
2016-03-09 13:57:55 ----D---- C:\Windows\system32\catroot2
2016-03-08 17:53:40 ----D---- C:\Users\Buchtanen\AppData\Roaming\npm
2016-03-08 14:14:31 ----D---- C:\Windows\system32\Tasks
2016-03-08 12:44:41 ----D---- C:\ProgramData\Atlassian
2016-03-06 00:30:18 ----D---- C:\Users\Buchtanen\AppData\Roaming\Skype
2016-03-02 12:29:22 ----A---- C:\Windows\system32\pwNative.exe
2016-03-02 12:29:15 ----RD---- C:\Program Files
2016-03-01 12:03:48 ----D---- C:\Windows\system32\NDF
2016-03-01 11:24:56 ----D---- C:\Users\Buchtanen\AppData\Roaming\BitComet
2016-02-29 13:43:20 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-29 13:43:18 ----SD---- C:\Windows\system32\GWX
2016-02-25 17:26:16 ----D---- C:\Windows\Panther
2016-02-21 21:37:45 ----D---- C:\ProgramData\Oracle
2016-02-21 21:34:14 ----D---- C:\Program Files\Java
2016-02-21 21:30:36 ----D---- C:\Program Files (x86)\Java
2016-02-21 21:26:03 ----D---- C:\Program Files (x86)\Common Files
2016-02-21 21:24:37 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-12 10:40:59 ----D---- C:\Users\Buchtanen\AppData\Roaming\Adobe
2016-02-10 19:32:46 ----SD---- C:\Windows\system32\CompatTel
2016-02-10 19:32:46 ----D---- C:\Program Files\Windows Journal
2016-02-10 19:32:34 ----D---- C:\Windows\cs-CZ
2016-02-10 14:45:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-02-07 10:38:45 ----D---- C:\Program Files\Recuva
2016-02-04 20:06:48 ----D---- C:\Users\Buchtanen\AppData\Roaming\Winamp
2016-02-02 02:00:05 ----D---- C:\ProgramData\Adobe
2016-02-02 01:58:22 ----RD---- C:\Program Files (x86)\Skype
2016-02-02 01:53:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-02 01:32:50 ----A---- C:\Windows\win.ini
2016-02-02 01:29:25 ----AD---- C:\ProgramData\Temp
2016-02-02 01:27:25 ----HD---- C:\Windows\system32\GroupPolicy
2016-02-02 01:26:23 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2016-02-01 22:51:23 ----D---- C:\Program Files (x86)\Adobe
2016-02-01 22:38:25 ----D---- C:\Program Files\Adobe
2016-02-01 22:34:28 ----ASD---- C:\ProgramData\Microsoft
2016-02-01 22:34:28 ----AD---- C:\Program Files\Common Files\System
2016-02-01 22:27:37 ----D---- C:\Program Files\Common Files
2016-02-01 21:37:38 ----D---- C:\Program Files\Common Files\Adobe
2016-02-01 21:06:41 ----RSD---- C:\Windows\Fonts
2016-02-01 20:52:50 ----D---- C:\Windows\system32\catroot
2016-02-01 20:47:57 ----A---- C:\Windows\SYSWOW64\msjava.dll
2016-02-01 20:16:44 ----D---- C:\Windows\SoftwareDistribution
2016-02-01 17:41:46 ----D---- C:\Windows\pss
2016-02-01 17:31:24 ----D---- C:\Windows\SYSWOW64\drivers
2016-02-01 11:26:25 ----D---- C:\Users\Buchtanen\AppData\Roaming\Dropbox
2016-02-01 01:44:13 ----D---- C:\ProgramData\FLEXnet
2016-01-30 05:34:55 ----D---- C:\ProgramData\RogueKiller
2016-01-30 03:39:47 ----D---- C:\AdwCleaner
2016-01-26 13:27:28 ----D---- C:\Users\Buchtanen\AppData\Roaming\inkscape
2016-01-25 13:28:29 ----D---- C:\Users\Buchtanen\AppData\Roaming\Mozilla
2016-01-22 17:16:30 ----D---- C:\Program Files (x86)\Fiddler2
2016-01-20 14:57:35 ----D---- C:\Users\Buchtanen\AppData\Roaming\Oracle
2016-01-16 04:26:23 ----D---- C:\Program Files\Microsoft Silverlight
2016-01-16 04:26:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-01-16 03:49:08 ----D---- C:\Program Files (x86)\Opera
2016-01-16 03:49:06 ----D---- C:\Users\Buchtanen\AppData\Roaming\Opera
2016-01-16 03:48:17 ----D---- C:\Program Files (x86)\O2 Mobilni internet
2016-01-16 03:17:21 ----D---- C:\Windows\LP
2016-01-15 00:35:31 ----D---- C:\Program Files (x86)\Inkscape
2016-01-14 19:24:42 ----D---- C:\Program Files (x86)\Steam
2016-01-14 10:29:51 ----D---- C:\Program Files (x86)\STORMWARE
2016-01-14 08:36:11 ----D---- C:\Program Files (x86)\CyberLink
2016-01-13 16:28:34 ----D---- C:\ProgramData\Skype
2016-01-13 16:03:18 ----D---- C:\Windows\Performance
2016-01-13 14:56:15 ----D---- C:\Program Files\HitmanPro
2016-01-09 11:42:42 ----D---- C:\Windows\ehome
2015-12-28 14:20:47 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cumon;cumon; C:\Windows\system32\drivers\cumon.sys [2011-09-05 205512]
R0 Evdd;evdd; C:\Windows\system32\drivers\evdd.sys [2011-09-05 19568]
R0 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2014-10-22 155912]
R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2011-04-12 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-14 437272]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-03-15 192216]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 trufos;trufos; C:\Windows\system32\DRIVERS\trufos.sys [2014-10-15 452040]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-03-21 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-03-21 823344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-03-21 56464]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-03-21 116248]
R1 nm3;Microsoft Network Monitor 3 Driver; C:\Windows\system32\DRIVERS\nm3.sys [2010-06-09 46392]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Uim_IM;Universal Image Mounter Plugin; C:\Windows\System32\Drivers\Uim_IMx64.sys [2011-04-12 570320]
R1 UimBus;Universal Image Mounter Controller; C:\Windows\system32\DRIVERS\uimx64.sys [2011-04-12 57424]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2015-12-10 146944]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-12-25 9359872]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-12-25 309760]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2010-11-26 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-11 2229608]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-12-25 114704]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2010-11-26 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2010-11-26 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2010-11-26 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2010-11-26 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2010-11-26 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2010-11-26 275616]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-11-29 3707864]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-09-27 76912]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-01-13 25816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-18 64624]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-18 32496]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-01 1383472]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2012-08-07 35112]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-08-01 867064]
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock64.sys [2015-12-23 129520]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2015-01-16 38080]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-01-16 110336]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
S3 massfilter_hs;HS HandSet Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter_hs.sys [2011-08-15 18456]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2016-01-13 63704]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
S3 moufiltr;Tablet Mouse Filter Driver; C:\Windows\system32\DRIVERS\moufiltr.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-24 15360]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-27 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2015-01-16 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2015-01-16 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2015-01-16 188232]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-01-16 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2015-09-08 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Serial Emulation Driver; C:\Windows\system32\DRIVERS\usbser.sys [2015-02-26 33280]
S3 vhidmini;Generic Virtual HID Driver; C:\Windows\system32\DRIVERS\walvhid.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2016-02-02 172344]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-12-25 204288]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2010-11-26 52896]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-03-24 5793800]
R2 CPMService;COMODO Programs Manager Service; C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe [2011-09-05 116032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 MySQL57;MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [2016-01-20 39209984]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-02-01 135848]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-02-01 135848]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-03-24 2271928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-02-01 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-02-01 125112]
S2 CSUService;COMODO System Utilities Service; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [2012-02-24 347968]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-01-13 1135416]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24 269504]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2016-02-01 1296728]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-01 867080]
S3 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-09 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2016-01-29 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-09 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-30 148080]
S3 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [2010-11-12 257344]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-02-01 51376]
S4 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-10-29 868224]
S4 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2012-04-05 255376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-02-01 135848]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S4 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-01-16 743688]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-09-11 838336]
S4 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-17 5702416]
S4 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2012-04-05 255376]

-----------------EOF-----------------
Attachments
FRST logy.rar
FRST logs
(31.64 KiB) Downloaded 77 times

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my logs, slow laptop

#2 Post by Rudy »

Hello!
Is the PC a company machine, or do you own it?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#3 Post by Buchtanen »

The laptop is my own...

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#4 Post by Buchtanen »

Do you think a company machine would have the freeware Comodo Internet Security and not a paid NOD or McAfee or something similar?

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my logs, slow laptop

#5 Post by Rudy »

Anything is possible. What puzzles me is the proxy fw.quinta.cz. This does not usually appear on home systems.

Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
The scan will run and then a log will appear; paste it here.

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#6 Post by Buchtanen »

The proxy is there because I occasionally have to connect to work from home...
There I only have a desktop...

This machine really is my own personal one...

You already cleaned it with me a few days ago (about two weeks ago); for a while it looked better, but then the strange slow behaviour and freezing appeared again.

Log:

# AdwCleaner v5.105 - Logfile created 24/03/2016 at 20:04:23
# Updated 21/03/2016 by Xplode
# Database : 2016-03-24.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Buchtanen - MOBSTEJSN
# Running from : C:\Users\Buchtanen\Downloads\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\prefs.js] [Preference] Deleted : \"):(112,161),L=(146,387)>(818,87)?(534,\"Y\"):(1385,1004),T=52<(95,139)?(57,\"X\"):(840,124),U=123<=(105,50)?(142,\"'\"):1333>(11,318)?(108,\"T\"):(962,1482),M=(755,119)>=(49,128)?47:880<(473,103)?41[...]
[-] [C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\prefs.js] [Preference] Deleted : 25,14],[670,670,11],[600,270,12],[800,600,21],[468,60,3],[800,440,20],[300,250,2],[728,90,1],[300,600,10],[120,240,7],[120,600,6],[160,600,5],[250,250,4],[240,400,8]]}')}catch(q){a.hostnames=a.fallbac[...]
[-] [C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\prefs.js] [Preference] Deleted : =\n(3,103)?(114,90):146<(114,132)?\"O\":(145,53),P=259<(286,86)?209:142>=(303,8)?(189,\"D\"):88>=(24,287)?(40,191):(1406,186),W=102<=(476,402)?(132,4537426):(315,47),H=(97,23)<=(514,29)?(117,129045267[...]
[-] [C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\prefs.js] [Preference] Deleted : ;a.hid='123456789';a.ename='QA extension';a.lt='2617.24';a.jpshort='_OXQj15i';a.platform_version='9'};b.init=function(){b.overrideSettimeout();b.overrideSetinterval();b.overrideVariables()};b.init()})[...]
[-] [C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : deluxe-ski-jump-2.en.softonic.com
[-] [C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : flac-to-mp3-converter.en.softonic.com
[-] [C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : startsear.ch
[-] [C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : funmoods

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2537 bytes] - [24/03/2016 20:04:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [3277 bytes] - [24/03/2016 19:59:49]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3408 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my logs, slow laptop

#7 Post by Rudy »

Thanks for the clarification. Post a new log. FRST is enough.

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#8 Post by Buchtanen »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Buchtanen (administrator) on MOBSTEJSN (24-03-2016 21:13:58)
Running from C:\Users\Buchtanen\Desktop
Loaded Profiles: Buchtanen (Available Profiles: Buchtanen & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
() C:\Program Files\COMODO\COMODO Programs Manager\CPMservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\Buchtanen\AppData\Local\Google\Update\GoogleUpdate.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\COMODO System Utilities\CSU_CLI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(forum.viry.cz) C:\Users\Buchtanen\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-11-26] (Atheros Commnucations)
HKLM\...\Run: [IAStorIcon] => c:\program files (x86)\intel\intel(r) rapid storage technology\iastoricon.exe [283160 2010-09-14] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => c:\program files\realtek\audio\hda\ravcpl64.exe [13662936 2013-11-29] (Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM\...\Run: [LManager] => c:\program files (x86)\launch manager\lmanager.exe [1025616 2010-12-09] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2014-08-01] (Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => c:\program files (x86)\common files\java\java update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [AtherosBtStack] => c:\program files (x86)\bluetooth suite\btvstack.exe [613536 2010-11-26] (Atheros Communications)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1610936 2016-03-24] (COMODO)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2016-02-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2016-02-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [759696 2015-12-23] (Cisco Systems, Inc.)
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\Run: [Google Update] => C:\Users\Buchtanen\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2016-01-13] (Google Inc.)
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-03-13] (Google)
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-03-02] (SUPERAntiSpyware)
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {66c93e00-dbdd-11e1-9dd3-1c7508d9afbb} - F:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c86f756c-24a6-11e4-8a1e-1c7508d9afbb} - H:\AutoRun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c86f7573-24a6-11e4-8a1e-1c7508d9afbb} - H:\AutoRun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c8f994cb-d037-11e5-8f14-504030201002} - F:\autorun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Packard Bell.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
AppInit_DLLs-x32: c:\windows\syswow64\guard32.dll => c:\windows\syswow64\guard32.dll [461648 2016-03-21] (COMODO)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{359E4F5A-1A40-464B-BD4A-2AF301A56293}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{359E4F5A-1A40-464B-BD4A-2AF301A56293}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{ACBD22E6-654D-4F0C-A748-E286FD72D030}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{ACBD22E6-654D-4F0C-A748-E286FD72D030}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{EB974716-5C09-4123-94AA-CD8DAA300CE9}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=en-ww
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.cz/?gfe_rd=cr&ei=FY1bU6LCEorc8gfHi4HAAQ
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> DefaultScope {E3CF78B7-7104-488C-BB1A-4081946D5CE8} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M ... -SearchBox
SearchScopes: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> {E3CF78B7-7104-488C-BB1A-4081946D5CE8} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2010-11-26] (Atheros Commnucations)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

FireFox:
========
FF ProfilePath: C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Homepage: hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=en-ww
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-962970777-533860840-2712588126-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Buchtanen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-962970777-533860840-2712588126-1000: @talk.google.com/O1DPlugin -> C:\Users\Buchtanen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-962970777-533860840-2712588126-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Buchtanen\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-962970777-533860840-2712588126-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Buchtanen\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-962970777-533860840-2712588126-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Buchtanen\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Buchtanen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Buchtanen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\searchplugins\bing-.xml [2016-03-09]
FF Extension: Bing Search - C:\Users\Buchtanen\AppData\Roaming\Mozilla\Firefox\Profiles\2cujllkd.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{3c9761ad-a43d-4447-b924-f5d83cb48063}] - C:\Program Files (x86)\Zend\Zend Studio 10.6.0\toolbars\firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-07-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-02-01] [not signed]

Chrome:
=======
CHR HomePage: Default -> chrome://apps/
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://google.com/","hxxp://simracing.cz/","hxxp://www.ikariam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll => No File
CHR Profile: C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Instrumente) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahchimdkljhhfjkklkafookapgikdhkk [2015-09-04]
CHR Extension: (IconSmash - Free Icons) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahphhkpleajnegckhjiogcpojdjimcob [2015-09-04]
CHR Extension: (3DTin) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi [2015-09-04]
CHR Extension: (Disk Google) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Gliffy Diagrams) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2015-09-04]
CHR Extension: (AceProject) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnilfhgoncpjoccagknfhhepbocjpmkm [2015-09-04]
CHR Extension: (jQuery Debugger) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhhnnnpaeobfddmlalhnehgclcmjimi [2015-09-04]
CHR Extension: (Gmail Offline) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-09-04]
CHR Extension: (Kalendář Google) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-20]
CHR Extension: (Nástroje pro Google Maps™) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljpanecjjlonmoiofelcmkkpojcalcb [2015-12-06]
CHR Extension: (Sea Quail Database Diagram Tool) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\elkpialiknkiaebieojbgnhindepnlkg [2015-09-04]
CHR Extension: (React Developer Tools) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2016-03-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Nimbus Notes) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\haafigbapbpbpnmgcknnmilaaaimggpk [2016-02-23]
CHR Extension: (SearchPreview) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2015-12-28]
CHR Extension: (Insightly) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkopngnjabiaaibfkfgjhgdfpoholppn [2015-09-04]
CHR Extension: (Codeanywhere) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdofbmaiblhheoneemdjccjeeihbiabl [2016-01-30]
CHR Extension: (Page Ruler) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2015-09-04]
CHR Extension: (Window Resizer) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2016-03-24]
CHR Extension: (TrackingTime Time Tracker) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\knailkjkjcfegledhjhcfacdngnicimb [2016-01-30]
CHR Extension: (ShiftEdit) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2015-09-30]
CHR Extension: (Open Instagantt from Asana) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepjbbmnhppalhkeblicbmgcpdpkhonb [2015-09-04]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-04]
CHR Extension: (Mapy Google) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-22]
CHR Extension: (Mockingbird) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mglnbanmebacbohplmcogiompoijbhnm [2015-09-04]
CHR Extension: (Asana) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2015-10-07]
CHR Extension: (Cloud9) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdmccoknlfggadpfkmcpnamfnbkmkcp [2016-03-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-04]
CHR Extension: (Telerik Kendo UI Chrome Inspector) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\npcmgpnfknjmndbbakdhchgibaajnlpe [2016-02-04]
CHR Extension: (Trello) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2015-09-04]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-09-04]
CHR Extension: (Piktochart) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojgpilphbpmpjlicfhhkgnfbedaeegil [2015-09-04]
CHR Extension: (Material Simple Dark Grey) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2016-01-30]
CHR Extension: (Balsamiq Mockups) - C:\Users\Buchtanen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbmgaodhjmbklkgkgmlghaekcfhhkk [2015-09-04]
CHR HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\BUCHTA~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-08]
CHR HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) Operabeta - C:\Program Files (x86)\Opera Next\Launcher.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2016-02-02] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-11-26] (Atheros Commnucations) [File not signed]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2016-02-01] (http://www.BitComet.com)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5793800 2016-03-24] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2271928 2016-03-24] (COMODO)
R2 CPMService; C:\Program Files\COMODO\COMODO Programs Manager\CPMService.exe [116032 2011-09-05] ()
R2 CSUService; C:\Program Files\COMODO\COMODO System Utilities\CSUService.exe [347968 2012-02-24] (Comodo Security Solutions, Inc.)
S4 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868224 2010-10-29] (Acer Incorporated)
S3 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2016-01-29] (Macrovision Corporation) [File not signed]
S4 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2016-01-13] (Malwarebytes)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39209984 2016-01-20] () [File not signed]
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2010-11-12] (NTI Corporation)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-17] (TeamViewer GmbH)
S4 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [31648 2016-03-21] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [823344 2016-03-21] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [56464 2016-03-21] (COMODO)
R0 cumon; C:\Windows\System32\drivers\cumon.sys [205512 2011-09-05] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 Evdd; C:\Windows\System32\drivers\evdd.sys [19568 2011-09-05] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2011-04-12] (Paragon Software Group)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [116248 2016-03-21] (COMODO)
S3 massfilter_hs; C:\Windows\System32\DRIVERS\massfilter_hs.sys [18456 2011-08-15] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2016-01-13] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216 2016-03-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2016-01-13] (Malwarebytes Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2016-03-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2016-03-02] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-12-18] (Synaptics Incorporated)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [867064 2012-08-01] (Duplex Secure Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [57424 2011-04-12] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [570320 2011-04-12] (Paragon)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-12-23] (Cisco Systems, Inc.)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [129432 2011-08-15] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129432 2011-08-15] (ZTE Incorporated)
S3 zghsnmea; C:\Windows\System32\DRIVERS\zghsnmea.sys [129432 2011-08-15] (ZTE Incorporated)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 moufiltr; system32\DRIVERS\moufiltr.sys [X]
S3 vhidmini; system32\DRIVERS\walvhid.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Buchtanen\AppData\Local\Temp\tmp8B4D.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-24 21:13 - 2016-03-24 21:16 - 00032932 _____ C:\Users\Buchtanen\Desktop\FRST.txt
2016-03-24 16:11 - 2016-03-24 16:11 - 00000000 ____D C:\ProgramData\Comodo Downloader
2016-03-24 16:07 - 2016-03-24 16:07 - 00000000 ___RD C:\Users\Buchtanen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-03-24 15:58 - 2016-03-24 15:58 - 01530368 _____ C:\Users\Buchtanen\Downloads\adwcleaner_5.105.exe
2016-03-24 14:34 - 2016-03-24 14:34 - 00032400 _____ C:\Users\Buchtanen\Desktop\FRST logy.rar
2016-03-24 14:33 - 2016-03-24 14:34 - 00024239 _____ C:\Users\Buchtanen\Desktop\RSITlog.rar
2016-03-24 13:48 - 2016-03-24 13:48 - 00112640 _____ (forum.viry.cz) C:\Users\Buchtanen\Desktop\FRSTLauncher.exe
2016-03-24 13:39 - 2016-03-24 13:39 - 00022172 _____ C:\Users\Buchtanen\Desktop\info.txt
2016-03-24 13:38 - 2016-03-24 14:33 - 00000000 ____D C:\rsit
2016-03-24 13:37 - 2016-03-24 21:13 - 00000000 ____D C:\FRST
2016-03-24 13:22 - 2016-03-24 13:22 - 06868672 _____ (Piriform Ltd) C:\Users\Buchtanen\Downloads\ccsetup516.exe
2016-03-21 11:10 - 2016-03-24 13:36 - 00000000 ____D C:\Users\Buchtanen\Documents\NetBeansProjects
2016-03-18 22:56 - 2016-03-18 22:56 - 04476909 _____ C:\Users\Buchtanen\Downloads\cmder_mini.zip
2016-03-18 14:08 - 2016-03-18 14:09 - 03009602 _____ C:\Users\Buchtanen\Downloads\kendo.custom.min.js
2016-03-18 13:23 - 2016-03-18 13:24 - 60720219 _____ C:\Users\Buchtanen\Downloads\telerik.kendoui.professional.2016.1.226.commercial.zip
2016-03-17 14:58 - 2016-03-24 03:12 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\Atom
2016-03-17 14:58 - 2016-03-21 10:54 - 00002182 _____ C:\Users\Buchtanen\Desktop\Atom.lnk
2016-03-17 14:58 - 2016-03-21 10:53 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2016-03-17 14:58 - 2016-03-18 16:04 - 00000000 ____D C:\Users\Buchtanen\.atom
2016-03-17 14:56 - 2016-03-21 10:55 - 00000000 ____D C:\Users\Buchtanen\AppData\Local\atom
2016-03-17 14:54 - 2016-03-21 10:52 - 00000000 ____D C:\Users\Buchtanen\AppData\Local\SquirrelTemp
2016-03-17 14:41 - 2016-03-17 14:42 - 89206224 _____ (GitHub Inc.) C:\Users\Buchtanen\Downloads\AtomSetup.exe
2016-03-17 10:37 - 2016-03-17 10:37 - 08617253 _____ C:\Users\Buchtanen\Downloads\apache-maven-3.3.9-bin.zip
2016-03-16 17:35 - 2016-03-16 17:35 - 00021329 _____ C:\Users\Buchtanen\Downloads\buildersLib.min.js
2016-03-16 14:00 - 2016-03-16 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2016-03-15 22:45 - 2016-03-24 13:23 - 00000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-15 22:43 - 2016-03-15 22:43 - 06837784 _____ (Piriform Ltd) C:\Users\Buchtanen\Downloads\ccsetup515.exe
2016-03-15 21:40 - 2016-03-15 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-03-15 21:40 - 2016-03-15 21:40 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-03-15 16:11 - 2016-03-15 16:11 - 00642632 _____ (EFD Software ) C:\Users\Buchtanen\Downloads\hdtune_255.exe
2016-03-15 15:08 - 2016-03-15 15:08 - 04669119 _____ C:\Users\Buchtanen\Downloads\CrystalDiskInfo6_7_5.zip
2016-03-15 14:43 - 2016-03-15 14:43 - 10952704 _____ C:\Users\Buchtanen\Downloads\node-v4.4.0-x64.msi
2016-03-15 14:15 - 2016-03-15 14:15 - 02374144 _____ (Farbar) C:\Users\Buchtanen\Desktop\FRST64.exe
2016-03-15 13:10 - 2016-03-15 13:16 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-15 12:09 - 2016-03-15 12:09 - 01222144 _____ C:\Users\Buchtanen\Desktop\RSITx64.exe
2016-03-11 14:07 - 2016-03-11 14:07 - 05915464 _____ (Martin Prikryl ) C:\Users\Buchtanen\Downloads\winscp577setup.exe
2016-03-09 14:05 - 2016-03-09 14:05 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 14:05 - 2016-03-09 14:05 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 14:05 - 2016-03-09 14:05 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 14:05 - 2016-03-09 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 14:05 - 2016-03-09 14:05 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 14:04 - 2016-03-09 14:04 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 14:04 - 2016-03-09 14:04 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 14:04 - 2016-03-09 14:04 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 14:04 - 2016-03-09 14:04 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 14:04 - 2016-03-09 14:04 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 14:04 - 2016-03-09 14:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 14:04 - 2016-02-08 21:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 14:04 - 2016-02-08 19:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 14:03 - 2016-03-09 14:03 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 14:03 - 2016-03-09 14:03 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 14:03 - 2016-03-09 14:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 14:03 - 2016-03-09 14:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 14:03 - 2016-03-09 14:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 14:03 - 2016-03-09 14:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 14:03 - 2016-02-08 21:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 14:03 - 2016-02-08 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 14:01 - 2016-03-09 14:01 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 14:01 - 2016-03-09 14:01 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 14:01 - 2016-03-09 14:01 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 14:01 - 2016-03-09 14:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 14:01 - 2016-03-09 14:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 14:01 - 2016-03-09 14:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 14:01 - 2016-03-09 14:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 14:01 - 2016-03-09 14:01 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 14:00 - 2016-03-09 14:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 14:00 - 2016-03-09 14:00 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 14:00 - 2016-03-09 14:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 14:00 - 2016-03-09 14:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 13:59 - 2016-03-09 13:59 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 13:59 - 2016-03-09 13:59 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 13:59 - 2016-03-09 13:59 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 13:59 - 2016-03-09 13:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 13:59 - 2016-03-09 13:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 13:59 - 2016-03-09 13:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 13:58 - 2016-03-09 13:58 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 13:10 - 2016-03-09 13:10 - 13163744 _____ (Microsoft Corporation) C:\Users\Buchtanen\Downloads\Silverlight_x64.exe
2016-03-08 15:42 - 2016-03-08 15:42 - 00000159 _____ C:\Users\Buchtanen\.gitconfig
2016-03-08 12:54 - 2016-03-08 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2016-03-08 12:54 - 2016-03-08 12:54 - 00000000 ____D C:\Program Files (x86)\Atlassian
2016-03-08 12:41 - 2016-03-08 12:41 - 00000000 _____ C:\Users\Buchtanen\.node_repl_history
2016-03-02 12:29 - 2016-03-02 19:43 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2016-03-02 12:29 - 2016-03-02 12:29 - 00000992 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk
2016-03-02 12:29 - 2016-03-02 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2016-03-02 12:24 - 2016-03-02 12:24 - 00000113 _____ C:\Users\Buchtanen\Downloads\sms.php
2016-03-01 16:16 - 2016-03-01 16:16 - 00000314 _____ C:\Users\Buchtanen\Documents\view.sql
2016-02-25 16:39 - 2016-02-25 17:28 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-25 14:39 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-02-25 14:39 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-02-25 14:39 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-02-25 14:39 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-02-25 11:36 - 2016-02-25 17:28 - 00001908 _____ C:\Windows\diagwrn.xml
2016-02-25 11:36 - 2016-02-25 17:28 - 00001908 _____ C:\Windows\diagerr.xml
2016-02-25 11:32 - 2016-02-25 11:32 - 00000000 ____D C:\ESD
2016-02-24 22:15 - 2016-02-24 22:15 - 00000000 ____D C:\Windows\CheckSur

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-24 21:14 - 2012-09-23 19:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-24 20:01 - 2015-03-06 14:52 - 00000000 ____D C:\AdwCleaner
2016-03-24 17:10 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-24 17:10 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-24 17:08 - 2011-03-10 11:06 - 00811896 _____ C:\Windows\system32\perfh005.dat
2016-03-24 17:08 - 2011-03-10 11:06 - 00227896 _____ C:\Windows\system32\perfc005.dat
2016-03-24 17:08 - 2009-07-14 06:13 - 01903206 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-24 17:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-24 17:05 - 2011-03-10 11:35 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-03-24 17:05 - 2010-12-07 15:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-03-24 16:09 - 2012-09-13 14:43 - 00000000 ___RD C:\Users\Buchtanen\Disk Google
2016-03-24 16:06 - 2015-08-05 09:18 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-03-24 16:06 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-24 16:05 - 2012-08-01 19:56 - 00028560 _____ C:\Windows\CUAppUsage.Dat
2016-03-24 15:30 - 2015-03-06 15:00 - 00252572 _____ C:\Windows\system32\Drivers\fvstore.dat
2016-03-24 13:40 - 2015-03-06 10:42 - 00000000 ____D C:\Program Files\trend micro
2016-03-24 13:30 - 2012-08-17 17:21 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\Notepad++
2016-03-24 13:28 - 2012-08-03 12:55 - 00000000 ____D C:\Users\Buchtanen\AppData\Local\CrashDumps
2016-03-24 03:27 - 2015-03-06 14:42 - 00001985 _____ C:\Users\Public\Desktop\COMODO Internet Security.lnk
2016-03-24 02:34 - 2015-11-09 21:26 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-03-24 01:58 - 2016-01-20 12:04 - 00000745 _____ C:\Users\Buchtanen\.bash_history
2016-03-24 00:16 - 2012-09-23 19:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 00:15 - 2012-09-23 19:44 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 00:15 - 2012-09-23 19:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-23 18:56 - 2012-08-17 17:21 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-03-21 20:19 - 2015-01-30 12:27 - 00823344 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2016-03-21 20:19 - 2015-01-30 12:27 - 00116248 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2016-03-21 20:19 - 2015-01-30 12:27 - 00056464 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2016-03-21 20:19 - 2015-01-30 12:27 - 00031648 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2016-03-21 20:17 - 2015-01-30 12:27 - 00596232 _____ (COMODO) C:\Windows\system32\guard64.dll
2016-03-21 20:17 - 2015-01-30 12:27 - 00461648 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2016-03-21 20:17 - 2015-01-30 12:27 - 00051800 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2016-03-21 20:15 - 2014-11-13 10:52 - 00365240 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2016-03-21 20:14 - 2014-11-13 10:52 - 00051896 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2016-03-21 20:12 - 2014-11-13 10:52 - 00295608 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2016-03-21 20:11 - 2014-11-13 10:52 - 00046776 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2016-03-21 15:57 - 2012-08-17 17:54 - 00000600 _____ C:\Users\Buchtanen\AppData\Roaming\winscp.rnd
2016-03-21 15:37 - 2015-11-09 11:38 - 00000000 ____D C:\Users\Buchtanen\GitRepository
2016-03-18 18:53 - 2015-11-09 12:33 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\npm-cache
2016-03-17 14:58 - 2012-08-01 14:33 - 00000000 ____D C:\Users\Buchtanen
2016-03-17 11:06 - 2015-11-09 19:25 - 00000000 ____D C:\Users\Buchtanen\.m2
2016-03-17 00:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-03-16 14:00 - 2015-08-05 11:07 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-03-15 23:34 - 2016-01-13 14:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-15 23:31 - 2013-07-18 02:01 - 00000000 ____D C:\Windows\system32\MRT
2016-03-15 23:12 - 2012-08-01 17:23 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-15 15:17 - 2015-03-06 19:47 - 00000000 ___HD C:\VTRoot
2016-03-15 13:10 - 2013-04-04 19:37 - 00000028 _____ C:\Users\Buchtanen\AppData\Roaming\Network Meter_Usage.ini
2016-03-15 13:00 - 2013-04-03 07:00 - 00521819 _____ C:\Users\Buchtanen\Network_Meter_Data.js
2016-03-15 11:05 - 2015-09-04 15:31 - 00002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-13 22:45 - 2012-09-13 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-11 14:07 - 2015-08-05 11:06 - 00000000 ____D C:\ProgramData\Cisco
2016-03-11 14:06 - 2015-08-05 11:10 - 00000000 ____D C:\Users\Buchtanen\AppData\Local\Cisco
2016-03-11 13:56 - 2016-01-16 04:03 - 00000600 _____ C:\Users\Buchtanen\AppData\Local\PUTTY.RND
2016-03-10 16:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-03-10 13:23 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-10 13:22 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-10 13:18 - 2009-07-14 05:45 - 04989888 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-10 13:17 - 2016-02-02 00:04 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-10 12:43 - 2014-12-11 10:53 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 14:17 - 2014-09-04 17:46 - 00000000 ____D C:\Program Files (x86)\Opera Next
2016-03-08 17:53 - 2015-11-09 12:18 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\npm
2016-03-08 14:14 - 2014-10-07 19:24 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409849196
2016-03-08 12:44 - 2015-11-09 11:28 - 00000000 ____D C:\ProgramData\Atlassian
2016-03-06 00:30 - 2012-08-01 20:18 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\Skype
2016-03-02 12:29 - 2012-09-09 13:56 - 03067392 _____ C:\Windows\system32\pwNative.exe
2016-03-02 12:29 - 2012-09-09 13:56 - 00019152 ____N C:\Windows\system32\pwdrvio.sys
2016-03-02 12:29 - 2012-09-09 13:56 - 00012504 ____N C:\Windows\system32\pwdspio.sys
2016-03-01 12:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-01 11:24 - 2012-12-29 19:00 - 00000000 ____D C:\Users\Buchtanen\AppData\Roaming\BitComet
2016-02-29 13:43 - 2015-04-05 03:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-29 13:43 - 2015-04-05 03:58 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-25 17:26 - 2007-07-12 02:49 - 00000000 ____D C:\Windows\Panther
2016-02-25 15:43 - 2009-07-14 06:08 - 00032596 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-23 23:46 - 2015-03-06 14:42 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat

==================== Files in the root of some directories =======

2013-01-25 21:09 - 2014-08-11 23:33 - 0000624 _____ () C:\Users\Buchtanen\AppData\Roaming\All CPU MeterV3_Settings.ini
2013-01-25 21:11 - 2013-06-20 01:02 - 0000261 _____ () C:\Users\Buchtanen\AppData\Roaming\Battery Meter_Settings.ini
2013-01-25 21:36 - 2014-04-12 03:00 - 0000598 _____ () C:\Users\Buchtanen\AppData\Roaming\Digital Clock_Settings.ini
2013-01-25 21:10 - 2013-06-20 01:01 - 0000843 _____ () C:\Users\Buchtanen\AppData\Roaming\Drives Meter_Settings.ini
2013-01-25 21:13 - 2013-06-20 01:02 - 0000290 _____ () C:\Users\Buchtanen\AppData\Roaming\GPU MeterV2_Settings.ini
2012-08-01 21:16 - 2014-11-29 04:58 - 0001642 _____ () C:\Users\Buchtanen\AppData\Roaming\Network Meter_Settings.ini
2013-04-04 19:37 - 2016-03-15 13:10 - 0000028 _____ () C:\Users\Buchtanen\AppData\Roaming\Network Meter_Usage.ini
2012-08-17 17:54 - 2016-03-21 15:57 - 0000600 _____ () C:\Users\Buchtanen\AppData\Roaming\winscp.rnd
2014-11-29 18:59 - 2014-11-29 18:59 - 0000038 ___SH () C:\Users\Buchtanen\AppData\Local\69ff07055291669bb2b218.72821112
2016-02-04 12:28 - 2016-02-04 12:28 - 0001456 _____ () C:\Users\Buchtanen\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-16 04:03 - 2016-03-11 13:56 - 0000600 _____ () C:\Users\Buchtanen\AppData\Local\PUTTY.RND
2016-02-15 19:44 - 2016-02-15 19:44 - 0033162 _____ () C:\Users\Buchtanen\AppData\Local\recently-used.xbel
2012-08-03 01:35 - 2016-01-16 01:24 - 0007678 _____ () C:\Users\Buchtanen\AppData\Local\Resmon.ResmonCfg
2014-10-05 11:25 - 2014-10-05 11:25 - 4446016 ____N () C:\Users\Buchtanen\AppData\Local\Tempmusic.ogg
2015-01-15 09:55 - 2015-01-15 09:55 - 0000000 _____ () C:\Users\Buchtanen\AppData\Local\{5B93DDC0-9E4E-477B-AB80-E3C061D27FA2}
2014-05-27 17:54 - 2014-05-27 17:54 - 0000000 _____ () C:\Users\Buchtanen\AppData\Local\{E4935BD0-B853-49F2-B455-8891FE154B88}
2015-03-06 14:06 - 2015-03-06 14:07 - 0001090 _____ () C:\ProgramData\1425647176.5080.bin
2015-03-06 14:07 - 2015-03-06 14:11 - 0001637 _____ () C:\ProgramData\1425647176.5180.bin
2015-03-06 14:06 - 2015-03-06 14:06 - 0000783 _____ () C:\ProgramData\1425647176.5864.bin
2015-03-06 14:06 - 2015-03-06 14:06 - 0017944 _____ () C:\ProgramData\1425647176.6964.bin
2015-03-06 14:06 - 2015-03-06 14:07 - 0012181 _____ () C:\ProgramData\1425647176.7368.bin
2015-03-06 14:06 - 2015-03-06 14:06 - 0010645 _____ () C:\ProgramData\1425647176.7412.bin
2015-03-06 14:06 - 2015-03-06 14:09 - 0120136 _____ () C:\ProgramData\1425647176.8384.bin
2015-03-06 14:06 - 2015-03-06 14:07 - 0001090 _____ () C:\ProgramData\1425647176.9104.bin
2015-03-06 14:06 - 2015-03-06 14:06 - 0002959 _____ () C:\ProgramData\1425647176.9148.bin
2015-03-06 14:06 - 2015-03-06 14:11 - 0038933 _____ () C:\ProgramData\1425647176.9192.bin
2015-03-06 14:06 - 2015-03-06 14:09 - 0034277 _____ () C:\ProgramData\1425647176.9816.bin
2015-03-06 14:21 - 2015-02-03 22:52 - 5404888 _____ (COMODO) C:\ProgramData\cis5785.exe
2013-11-29 17:35 - 2013-11-29 17:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-11-18 18:10 - 2012-11-18 18:10 - 0000129 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:
====================
C:\ProgramData\cis5785.exe
C:\Users\Buchtanen\IP_Log_Data.js
C:\Users\Buchtanen\Network_Meter_Data.js


Some files in TEMP:
====================
C:\Users\Buchtanen\AppData\Local\Temp\npp.6.9.Installer.exe
C:\Users\Buchtanen\AppData\Local\Temp\sqlite3.dll
C:\Users\Buchtanen\AppData\Local\Temp\xmlUpdater.exe


Some zero byte size files/folders:
==========================
C:\Windows\System32\BDSandBoxUH.dll
C:\Windows\System32\BDSandBoxUISkin.dll
C:\Windows\System32\BDSandBoxUISkin32.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2}
AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Buchtanen\Desktop" je 3 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO
C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files (x86)\Winamp\winampa.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my logs, slow laptop

#9 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {66c93e00-dbdd-11e1-9dd3-1c7508d9afbb} - F:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c86f756c-24a6-11e4-8a1e-1c7508d9afbb} - H:\AutoRun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c86f7573-24a6-11e4-8a1e-1c7508d9afbb} - H:\AutoRun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c8f994cb-d037-11e5-8f14-504030201002} - F:\autorun.exe
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M ... -SearchBox
Toolbar: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\cis5785.exe
C:\Users\Buchtanen\IP_Log_Data.js
C:\Users\Buchtanen\Network_Meter_Data.js
C:\Users\Buchtanen\AppData\Local\Temp
C:\Windows\System32\BDSandBoxUH.dll
C:\Windows\System32\BDSandBoxUISkin.dll
C:\Windows\System32\BDSandBoxUISkin32.dll
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#10 Post by Buchtanen »

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Buchtanen (2016-03-24 22:29:27) Run:1
Running from C:\Users\Buchtanen\Desktop
Loaded Profiles: Buchtanen (Available Profiles: Buchtanen & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {66c93e00-dbdd-11e1-9dd3-1c7508d9afbb} - F:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c86f756c-24a6-11e4-8a1e-1c7508d9afbb} - H:\AutoRun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c86f7573-24a6-11e4-8a1e-1c7508d9afbb} - H:\AutoRun.exe
HKU\S-1-5-21-962970777-533860840-2712588126-1000\...\MountPoints2: {c8f994cb-d037-11e5-8f14-504030201002} - F:\autorun.exe
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M ... -SearchBox
Toolbar: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-962970777-533860840-2712588126-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF SearchEngineOrder.3: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q=
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\cis5785.exe
C:\Users\Buchtanen\IP_Log_Data.js
C:\Users\Buchtanen\Network_Meter_Data.js
C:\Users\Buchtanen\AppData\Local\Temp
C:\Windows\System32\BDSandBoxUH.dll
C:\Windows\System32\BDSandBoxUISkin.dll
C:\Windows\System32\BDSandBoxUISkin32.dll
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{66c93e00-dbdd-11e1-9dd3-1c7508d9afbb}" => key removed successfully
HKCR\CLSID\{66c93e00-dbdd-11e1-9dd3-1c7508d9afbb} => key not found.
"HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86f756c-24a6-11e4-8a1e-1c7508d9afbb}" => key removed successfully
HKCR\CLSID\{c86f756c-24a6-11e4-8a1e-1c7508d9afbb} => key not found.
"HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86f7573-24a6-11e4-8a1e-1c7508d9afbb}" => key removed successfully
HKCR\CLSID\{c86f7573-24a6-11e4-8a1e-1c7508d9afbb} => key not found.
"HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8f994cb-d037-11e5-8f14-504030201002}" => key removed successfully
HKCR\CLSID\{c8f994cb-d037-11e5-8f14-504030201002} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8"" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-962970777-533860840-2712588126-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKU\S-1-5-21-962970777-533860840-2712588126-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value removed successfully
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox SearchEngineOrder.3 removed successfully
Firefox "Keyword.URL" removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\ProgramData\cis5785.exe => moved successfully
C:\Users\Buchtanen\IP_Log_Data.js => moved successfully
C:\Users\Buchtanen\Network_Meter_Data.js => moved successfully

"C:\Users\Buchtanen\AppData\Local\Temp" folder move:

Could not move "C:\Users\Buchtanen\AppData\Local\Temp" => Scheduled to move on reboot.

Could not move "C:\Windows\System32\BDSandBoxUH.dll" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\BDSandBoxUISkin.dll" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\BDSandBoxUISkin32.dll" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-24 22:32:58)

C:\Users\Buchtanen\AppData\Local\Temp => moved successfully
"C:\Windows\System32\BDSandBoxUH.dll" => Could not move
"C:\Windows\System32\BDSandBoxUISkin.dll" => Could not move
"C:\Windows\System32\BDSandBoxUISkin32.dll" => Could not move

==== End of Fixlog 22:32:58 ====

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my logs, slow laptop

#11 Post by Rudy »

Deleted. Has anything changed?

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#12 Post by Buchtanen »

After the last restart at the end of the fix, Comodo started normally...
In Chrome everything also looks much better so far... tabs respond after switching and are rendered...
NetBeans also started noticeably faster...

Hopefully it will be better now.

Thanks a lot for now... If it comes back like last time I'll get in touch again, but I hope that won't be necessary...

Thanks again, Rudy.

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#13 Post by Buchtanen »

Well, I don't know, maybe I spoke too soon...

I installed the pending Windows updates. The installation went fairly quickly. However, the required restart after the installation spent five minutes closing background programs without listing any of them.

After the restart I came here to describe it, and loading the forum again took more than a minute (Chrome reported that the pages were not responding and asked whether to kill them or wait). After loading and rendering, there was roughly a minute-long freeze before I could scroll and then choose to reply.

Part of the strange behaviour has gone (Comodo Internet Security starts automatically after a restart, and applications have also sped up...). The rest of what I describe did not happen before, but I really don't know whether this behaviour is caused by some malware or not.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my logs, slow laptop

#14 Post by Rudy »

Also try a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log, and don't delete anything beforehand.

Buchtanen
Visitor
Posts: 26
Registered: 15 Mar 2016 12:21

Re: Please check my logs, slow laptop

#15 Post by Buchtanen »

Nothing was found...

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.3.2016
Čas skenování: 14:01
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.03.25.02
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Buchtanen

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1232537
Uplynulý čas: 16 hod, 7 min, 53 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Locked