VIRY.CZ

Zdravím už niekoľko dní mám vyťažený procesor na 100%. Process explorer mi ukazuje že svchost.exe berie cca 50%.

Pridávam log z FRST a aj z HIjackthis snáď som sem dal čo treba. Dúfam že mi poradíte. Vopred ďakujem.

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-04-2016
Ran by Ján (administrator) on JÁN-TOSH (26-04-2016 20:26:18)
Running from C:\Users\Ján\Desktop
Loaded Profiles: Ján (Available Profiles: Ján)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Users\Ján\Downloads\hijackthis.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-10-28] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2181224 2010-11-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2010-11-02] (TOSHIBA CORPORATION.)
HKU\S-1-5-21-2519141147-1747915373-1521177724-1001\...\Run: [Total CMA Pack] => C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [63290 2011-09-30] (CMA®)
HKU\S-1-5-21-2519141147-1747915373-1521177724-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-2519141147-1747915373-1521177724-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2519141147-1747915373-1521177724-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
IFEO\setup.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-09-05]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-09-05]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk * SmartDefragBootTime.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8327DA38-5280-44DF-831D-ED34604BCE3A}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2519141147-1747915373-1521177724-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
HKU\S-1-5-21-2519141147-1747915373-1521177724-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
SearchScopes: HKU\S-1-5-21-2519141147-1747915373-1521177724-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll [2011-09-05] (Google Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2011-09-05] (Google Inc.)
BHO-x32: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-09-05] (Sun Microsystems, Inc.)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-20] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://home.torchbrow ... x12clc0nht"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\gcswf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.200.2) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Ján\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\Ján\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ján\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR Extension: (Gmail) - C:\Users\Ján\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-25] (REALiX(tm))
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [413912 2016-04-25] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3709656 2016-04-25] (Realtek Semiconductor Corporation )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 cpuz138; \??\C:\Users\JNA717~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-26 20:26 - 2016-04-26 20:27 - 00014490 _____ C:\Users\Ján\Desktop\FRST.txt
2016-04-26 20:25 - 2016-04-26 20:26 - 00000000 ____D C:\FRST
2016-04-26 20:24 - 2016-04-26 20:25 - 02376192 _____ (Farbar) C:\Users\Ján\Desktop\FRST64.exe
2016-04-26 20:23 - 2016-04-26 20:23 - 00003116 _____ C:\Windows\System32\Tasks\{F20D9A17-26DD-4A84-B221-D698ADBB9949}
2016-04-26 20:06 - 2016-04-26 20:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ján\Downloads\hijackthis.exe
2016-04-26 19:40 - 2016-04-26 19:40 - 00000000 ____D C:\Users\Ján\Downloads\ProcessExplorer
2016-04-26 19:39 - 2016-04-26 19:39 - 01270466 _____ C:\Users\Ján\Downloads\ProcessExplorer.zip
2016-04-26 00:17 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-04-26 00:17 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-04-26 00:17 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-04-26 00:17 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-04-26 00:17 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-04-26 00:17 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-04-26 00:17 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-04-26 00:17 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-04-26 00:17 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-04-26 00:17 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-04-25 23:26 - 2016-04-25 23:26 - 00003180 _____ C:\Windows\System32\Tasks\SmartDefrag4_Startup
2016-04-25 23:26 - 2016-04-25 23:26 - 00001181 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
2016-04-25 23:26 - 2016-04-25 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2016-04-25 23:26 - 2016-01-28 18:23 - 00033704 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2016-04-25 23:26 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\SysWOW64\IObitSmartDefragExtension.dll
2016-04-25 23:26 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2016-04-25 23:26 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2016-04-25 23:04 - 2016-04-25 23:05 - 46481408 _____ C:\Windows\system32\config\COMPONENTS.iobit
2016-04-25 23:04 - 2016-04-25 23:04 - 71987200 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-04-25 23:04 - 2016-04-25 23:04 - 00290816 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-04-25 23:04 - 2016-04-25 23:04 - 00061440 _____ C:\Windows\system32\config\SAM.iobit
2016-04-25 23:04 - 2016-04-25 23:04 - 00024576 _____ C:\Windows\system32\config\SECURITY.iobit
2016-04-25 22:58 - 2016-04-25 23:07 - 00000000 ____D C:\Windows\system32\MRT
2016-04-25 22:58 - 2016-04-25 22:58 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-25 22:55 - 2016-04-25 22:55 - 00985600 _____ C:\Users\Ján\Downloads\MicrosoftFixit50123 (1).msi
2016-04-25 22:52 - 2016-04-25 22:52 - 00985600 _____ C:\Users\Ján\Downloads\MicrosoftFixit50123.msi
2016-04-25 22:32 - 2016-04-25 22:32 - 01027840 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-04-25 22:32 - 2016-04-25 22:32 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-04-25 22:31 - 2016-04-25 22:31 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2016-04-25 22:31 - 2016-04-25 22:31 - 04330200 _____ (TODO: <Company name>) C:\Windows\RtCRU64.exe
2016-04-25 22:31 - 2016-04-25 22:31 - 00413912 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-04-25 22:31 - 2016-04-25 22:31 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2016-04-25 22:30 - 2016-04-25 22:30 - 03709656 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2016-04-25 22:21 - 2016-04-25 22:21 - 00000000 ____D C:\Windows\IObit
2016-04-25 22:20 - 2016-04-25 23:24 - 00003240 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-04-25 22:20 - 2016-04-25 23:17 - 00002870 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Ján)
2016-04-25 22:20 - 2016-04-25 22:35 - 00002167 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-04-25 22:20 - 2016-04-25 22:20 - 00027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2016-04-25 22:20 - 2016-04-25 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-04-25 22:18 - 2016-04-25 23:26 - 00000000 ____D C:\ProgramData\ProductData
2016-04-25 22:18 - 2016-04-25 23:12 - 00002900 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Ján
2016-04-25 22:18 - 2016-04-25 22:18 - 00007598 _____ C:\Users\Ján\AppData\Local\Resmon.ResmonCfg
2016-04-25 22:18 - 2016-04-25 22:18 - 00001377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-04-25 22:18 - 2016-04-25 22:18 - 00001365 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-04-25 22:18 - 2016-04-25 22:18 - 00000000 ____D C:\Users\Ján\AppData\Roaming\ProductData
2016-04-25 22:18 - 2016-04-25 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-04-25 22:17 - 2016-04-25 22:22 - 00000000 ____D C:\Users\Ján\AppData\LocalLow\IObit
2016-04-25 22:17 - 2016-04-25 22:17 - 00002864 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_Ján
2016-04-25 22:17 - 2016-04-25 22:17 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-04-25 22:17 - 2016-04-25 22:17 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-04-25 22:16 - 2016-04-25 22:28 - 00002267 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-04-25 22:16 - 2016-04-25 22:18 - 00003176 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2016-04-25 22:16 - 2016-04-25 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-04-25 22:13 - 2016-04-25 23:25 - 00000000 ____D C:\Users\Ján\AppData\Roaming\IObit
2016-04-25 22:13 - 2016-04-25 23:25 - 00000000 ____D C:\Program Files (x86)\IObit
2016-04-25 22:13 - 2016-04-25 22:51 - 00000000 ____D C:\ProgramData\IObit
2016-04-25 22:12 - 2016-04-25 22:12 - 42683680 _____ (IObit ) C:\Users\Ján\Downloads\advanced-systemcare-setup.exe
2016-04-25 21:07 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-04-25 21:07 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-04-25 21:07 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-04-25 21:07 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-04-25 21:07 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-04-25 21:07 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-04-25 21:07 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-04-25 21:07 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-04-25 21:07 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-04-25 21:07 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-04-25 21:07 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-04-20 20:13 - 2016-04-20 20:13 - 00000000 ____D C:\Users\Ján\AppData\Local\GWX
2016-04-04 19:23 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-04 19:23 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-04 19:19 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-03-29 01:15 - 2016-03-29 01:15 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-29 01:15 - 2016-03-29 01:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-29 01:15 - 2016-03-29 01:15 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-29 01:15 - 2016-03-29 01:15 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-29 01:15 - 2016-03-29 01:15 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-03-29 01:15 - 2016-03-29 01:15 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-03-29 01:15 - 2016-03-29 01:15 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-29 01:15 - 2016-03-29 01:15 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-29 01:15 - 2016-03-29 01:15 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-03-29 01:15 - 2016-03-29 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-03-29 01:15 - 2016-03-29 01:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-03-29 01:15 - 2016-03-29 01:15 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-03-29 01:15 - 2016-03-29 01:15 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-29 00:56 - 2016-03-29 00:56 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-28 23:23 - 2016-04-07 18:59 - 00765700 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-28 21:04 - 2016-03-28 21:05 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-28 21:04 - 2016-03-28 21:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-26 20:07 - 2016-03-20 19:32 - 00000000 ____D C:\Users\Ján\AppData\Local\VirtualStore
2016-04-26 19:48 - 2009-07-14 06:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-26 19:48 - 2009-07-14 06:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-26 19:35 - 2009-07-14 07:13 - 00781590 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-26 19:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-26 19:32 - 2016-03-20 18:12 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-04-26 19:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-26 00:14 - 2011-09-05 12:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-26 00:12 - 2011-09-05 12:03 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-26 00:12 - 2011-09-05 12:03 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-25 23:22 - 2011-09-05 12:03 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-25 23:22 - 2011-09-05 12:03 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-25 23:21 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-25 23:21 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-25 22:39 - 2010-11-21 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-25 22:32 - 2011-09-05 10:20 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-04-25 22:27 - 2016-03-20 22:23 - 00000000 ____D C:\Users\Ján\AppData\Roaming\MPC-HC
2016-04-25 22:27 - 2011-09-05 10:37 - 00000000 ____D C:\Windows\Panther
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-04 19:54 - 2016-03-20 19:33 - 00001424 _____ C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-04 19:50 - 2009-07-14 06:45 - 00267368 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-04 19:46 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-04 19:46 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-04 19:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-04-04 19:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-04-04 19:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-04-04 19:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-04-04 19:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-04-04 19:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2016-03-28 23:57 - 2016-03-20 22:01 - 00000000 ____D C:\Users\Ján\AppData\Roaming\uTorrent
2016-03-28 21:10 - 2016-03-20 22:04 - 00000000 ____D C:\Users\Ján\AppData\LocalLow\uTorrent
2016-03-28 20:55 - 2016-03-20 19:33 - 00058016 _____ C:\Users\Ján\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories =======

2016-04-25 22:18 - 2016-04-25 22:18 - 0007598 _____ () C:\Users\Ján\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Ján\AppData\Local\Temp\procexp64.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2011-09-05 12:34

==================== End of FRST.txt ============================

HIjackthis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:21, on 26. 4. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ján\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKCU\..\Run: [Total CMA Pack] C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba ConfigFree WiMAX (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: Služba ConfigFree (ConfigFree Service) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8282 bytes

Zdravím!
1. Doporučuji odinstalovat AdvancedSystemCare. Tento rádoby optimalizátor vidí chyby i tam, kde nejsou a laik si jím snadno může poškodit systém.

2. Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

odinštalované, spustený AdwCleaner, reštartované a tu je log a pre istotu som spravil este RSIT log

# AdwCleaner v5.113 - Logfile created 26/04/2016 at 21:47:36
# Updated 24/04/2016 by Xplode
# Database : 2016-04-24.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Ján - JÁN-TOSH
# Running from : C:\Users\Ján\Desktop\adwcleaner_5.113.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : Partner Service

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Partner
[#] Folder Deleted : C:\ProgramData\Application Data\Partner

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
[-] Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1663 bytes] - [26/04/2016 21:47:36]
C:\AdwCleaner\AdwCleaner[S1].txt - [1654 bytes] - [26/04/2016 21:44:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1809 bytes] ##########

RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ján at 2016-04-26 22:14:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 266 GB (87%) free of 305 GB
Total RAM: 3692 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:14:12, on 26. 4. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\trend micro\Ján.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKCU\..\Run: [Total CMA Pack] C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba ConfigFree WiMAX (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: Služba ConfigFree (ConfigFree Service) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8208 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1996
taskeng.exe {E7C12553-B91C-4D32-B5EE-51829286785D}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"C:\Program Files\Microsoft Security Client\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
\??\C:\Windows\system32\conhost.exe "-170472982-1880498274-1477892528-1623221079440666846-10578627021763439810260905719
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\system32\wbem\wmiprvse.exe
taskhost.exe $(Arg0)
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Ján\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-09-05 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2010-09-28 566184]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-10-28 915320]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-10 11580520]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-11-03 2181224]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-30 2387752]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Total CMA Pack"=C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [2011-09-30 63290]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-06-29 1409424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-29 336384]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-11-02 2475384]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-09-05 150992]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-15 34160]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-26 22:09:07 ----D---- C:\Program Files\trend micro
2016-04-26 22:09:04 ----D---- C:\rsit
2016-04-26 22:02:56 ----SHD---- C:\Config.Msi
2016-04-26 21:43:26 ----D---- C:\AdwCleaner
2016-04-26 20:45:14 ----D---- C:\Users\Ján\AppData\Roaming\GHISLER
2016-04-26 20:25:50 ----D---- C:\FRST
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\system32\KBDTAT.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\system32\KBDRU1.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\system32\KBDRU.DLL
2016-04-26 00:17:16 ----A---- C:\Windows\system32\KBDYAK.DLL
2016-04-26 00:17:16 ----A---- C:\Windows\system32\KBDBASH.DLL
2016-04-25 23:26:27 ----A---- C:\Windows\SYSWOW64\IObitSmartDefragExtension.dll
2016-04-25 23:26:27 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2016-04-25 23:26:26 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2016-04-25 23:26:25 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2016-04-25 22:58:07 ----D---- C:\Windows\system32\MRT
2016-04-25 22:58:03 ----A---- C:\Windows\system32\MRT.exe
2016-04-25 22:32:04 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-04-25 22:32:04 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-04-25 22:31:46 ----A---- C:\Windows\SYSWOW64\RsCRIcon.dll
2016-04-25 22:31:46 ----A---- C:\Windows\system32\RtCRX64.dll
2016-04-25 22:31:46 ----A---- C:\Windows\system32\drivers\RtsUer.sys
2016-04-25 22:31:46 ----A---- C:\Windows\RtCRU64.exe
2016-04-25 22:30:46 ----A---- C:\Windows\system32\drivers\rtwlane.sys
2016-04-25 22:21:00 ----D---- C:\Windows\IObit
2016-04-25 22:20:44 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-04-25 22:18:43 ----D---- C:\Users\Ján\AppData\Roaming\ProductData
2016-04-25 22:18:24 ----D---- C:\ProgramData\ProductData
2016-04-25 22:17:36 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-04-25 22:13:34 ----D---- C:\Users\Ján\AppData\Roaming\IObit
2016-04-25 22:13:29 ----D---- C:\ProgramData\IObit
2016-04-25 22:13:29 ----D---- C:\Program Files (x86)\IObit
2016-04-25 21:07:39 ----A---- C:\Windows\system32\FntCache.dll
2016-04-25 21:07:39 ----A---- C:\Windows\system32\DWrite.dll
2016-04-25 21:07:38 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-04-25 21:07:34 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-04-25 21:07:33 ----A---- C:\Windows\system32\d3d10warp.dll
2016-04-25 21:07:25 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-04-25 21:07:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-04-25 21:07:15 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-04-25 21:07:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-04-25 21:07:05 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-04-25 21:07:05 ----A---- C:\Windows\system32\WMPhoto.dll
2016-04-04 19:23:21 ----A---- C:\Windows\system32\certcli.dll
2016-04-04 19:23:20 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-04 19:19:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2016-03-29 01:15:43 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2016-03-29 01:15:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\msls31.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-29 01:15:33 ----A---- C:\Windows\system32\elshyph.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\url.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\mshta.exe
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\wininet.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\urlmon.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2016-03-29 01:15:27 ----A---- C:\Windows\system32\msls31.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\jsIntl.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2016-03-29 01:15:26 ----A---- C:\Windows\system32\msrating.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\mshtmler.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\msfeedssync.exe
2016-03-29 01:15:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\jscript9.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\iesysprep.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\iertutil.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\IEAdvpack.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\ieui.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\ieframe.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\ieapfltr.dat
2016-03-29 01:15:25 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\wextract.exe
2016-03-29 01:15:24 ----A---- C:\Windows\system32\webcheck.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\url.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\licmgr10.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\inseng.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iexpress.exe
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iesetup.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iernonce.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-29 01:15:24 ----A---- C:\Windows\system32\icardie.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\vbscript.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\pngfilt.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\occache.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\mshtml.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\mshta.exe
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-29 01:15:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-29 01:15:22 ----A---- C:\Windows\system32\jscript.dll
2016-03-29 01:15:22 ----A---- C:\Windows\system32\imgutil.dll
2016-03-29 01:15:22 ----A---- C:\Windows\system32\iepeers.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-29 00:56:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-03-29 00:56:28 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-03-29 00:56:28 ----A---- C:\Windows\system32\XpsPrint.dll
2016-03-29 00:56:27 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-03-29 00:56:27 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-03-29 00:56:27 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-03-29 00:56:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-03-29 00:56:27 ----A---- C:\Windows\system32\dxgi.dll
2016-03-29 00:56:27 ----A---- C:\Windows\system32\d2d1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\UIAnimation.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10level9.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10core.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10_1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10.dll
2016-03-28 23:23:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-03-28 21:04:26 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-28 21:04:25 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2016-04-26 22:13:38 ----D---- C:\Windows\Temp
2016-04-26 22:13:24 ----SHD---- C:\Windows\Installer
2016-04-26 22:13:14 ----D---- C:\Windows\Microsoft.NET
2016-04-26 22:09:07 ----RD---- C:\Program Files
2016-04-26 22:05:54 ----D---- C:\Windows\SysWOW64
2016-04-26 22:05:25 ----D---- C:\Windows\inf
2016-04-26 22:05:21 ----D---- C:\Windows\System32
2016-04-26 22:05:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-26 22:00:38 ----SHD---- C:\System Volume Information
2016-04-26 21:55:07 ----D---- C:\Windows\system32\Tasks
2016-04-26 21:52:27 ----D---- C:\Windows\system32\config
2016-04-26 21:47:37 ----HD---- C:\ProgramData
2016-04-26 20:45:14 ----SD---- C:\Program Files (x86)\Total CMA Pack
2016-04-26 20:28:39 ----D---- C:\Windows
2016-04-26 19:38:54 ----D---- C:\Windows\system32\catroot2
2016-04-26 19:38:45 ----D---- C:\Windows\winsxs
2016-04-26 19:32:39 ----D---- C:\Windows\SYSWOW64\sda
2016-04-26 19:32:38 ----D---- C:\Windows\system32\drivers
2016-04-26 19:26:19 ----RSD---- C:\Windows\Fonts
2016-04-26 01:14:00 ----RSD---- C:\Windows\assembly
2016-04-26 00:15:18 ----D---- C:\Windows\SoftwareDistribution
2016-04-26 00:14:32 ----D---- C:\Program Files (x86)\Google
2016-04-26 00:12:19 ----D---- C:\Program Files (x86)\Common Files
2016-04-26 00:11:59 ----D---- C:\Windows\debug
2016-04-25 23:21:50 ----RD---- C:\Program Files (x86)
2016-04-25 23:21:50 ----D---- C:\Program Files\Windows Media Player
2016-04-25 23:21:50 ----D---- C:\Program Files\Common Files\System
2016-04-25 23:21:50 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-04-25 23:21:50 ----D---- C:\Program Files (x86)\Windows Media Player
2016-04-25 22:39:45 ----D---- C:\Windows\system32\catroot
2016-04-25 22:39:29 ----D---- C:\Windows\ehome
2016-04-25 22:39:28 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-04-25 22:39:28 ----D---- C:\Windows\system32\sk-SK
2016-04-25 22:39:28 ----D---- C:\Program Files\Windows Journal
2016-04-25 22:39:27 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-25 22:39:27 ----D---- C:\Windows\system32\en-US
2016-04-25 22:34:42 ----D---- C:\Windows\system32\DriverStore
2016-04-25 22:32:04 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-04-25 22:27:52 ----D---- C:\Windows\Panther
2016-04-25 22:27:52 ----D---- C:\Windows\Logs
2016-04-25 22:27:29 ----D---- C:\Users\Ján\AppData\Roaming\MPC-HC
2016-04-25 22:20:44 ----D---- C:\Windows\SYSWOW64\drivers
2016-04-25 22:17:16 ----D---- C:\Windows\Tasks
2016-04-25 22:08:22 ----D---- C:\Windows\system32\wdi
2016-04-22 09:57:45 ----N---- C:\Windows\system32\MpSigStub.exe
2016-04-04 19:55:18 ----D---- C:\Windows\Prefetch
2016-04-04 19:46:42 ----D---- C:\Program Files\Internet Explorer
2016-04-04 19:46:42 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-04 19:46:38 ----D---- C:\Windows\SYSWOW64\migration
2016-04-04 19:46:34 ----D---- C:\Windows\system32\migration
2016-04-04 19:46:34 ----D---- C:\Windows\PolicyDefinitions
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\it-IT
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\el-GR
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\es-ES
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\de-DE
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-04-04 19:46:28 ----D---- C:\Windows\SYSWOW64\da-DK
2016-04-04 19:46:27 ----D---- C:\Windows\system32\zh-HK
2016-04-04 19:46:27 ----D---- C:\Windows\system32\pt-PT
2016-04-04 19:46:27 ----D---- C:\Windows\system32\pt-BR
2016-04-04 19:46:27 ----D---- C:\Windows\system32\pl-PL
2016-04-04 19:46:27 ----D---- C:\Windows\system32\ko-KR
2016-04-04 19:46:27 ----D---- C:\Windows\system32\it-IT
2016-04-04 19:46:27 ----D---- C:\Windows\system32\hu-HU
2016-04-04 19:46:27 ----D---- C:\Windows\system32\el-GR
2016-04-04 19:46:26 ----D---- C:\Windows\system32\zh-TW
2016-04-04 19:46:26 ----D---- C:\Windows\system32\zh-CN
2016-04-04 19:46:26 ----D---- C:\Windows\system32\tr-TR
2016-04-04 19:46:26 ----D---- C:\Windows\system32\sv-SE
2016-04-04 19:46:26 ----D---- C:\Windows\system32\ru-RU
2016-04-04 19:46:26 ----D---- C:\Windows\system32\nl-NL
2016-04-04 19:46:26 ----D---- C:\Windows\system32\nb-NO
2016-04-04 19:46:26 ----D---- C:\Windows\system32\ja-JP
2016-04-04 19:46:26 ----D---- C:\Windows\system32\fr-FR
2016-04-04 19:46:26 ----D---- C:\Windows\system32\fi-FI
2016-04-04 19:46:26 ----D---- C:\Windows\system32\es-ES
2016-04-04 19:46:26 ----D---- C:\Windows\system32\de-DE
2016-04-04 19:46:26 ----D---- C:\Windows\system32\cs-CZ
2016-04-04 19:46:25 ----D---- C:\Windows\system32\da-DK
2016-04-04 19:46:23 ----D---- C:\Windows\system32\drivers\en-US
2016-04-04 19:46:19 ----D---- C:\Windows\SYSWOW64\Dism
2016-04-04 19:46:18 ----D---- C:\Windows\system32\Dism
2016-04-04 19:46:09 ----D---- C:\Windows\system32\AdvancedInstallers
2016-04-04 19:46:02 ----D---- C:\Windows\tracing
2016-04-04 19:46:02 ----D---- C:\Program Files\Windows Defender
2016-04-04 19:46:02 ----D---- C:\Program Files (x86)\Windows Defender
2016-04-04 19:45:53 ----D---- C:\Windows\system32\CodeIntegrity
2016-04-04 19:45:53 ----D---- C:\Windows\system32\Boot
2016-04-04 19:45:38 ----D---- C:\Windows\AppPatch
2016-04-04 19:20:54 ----D---- C:\Windows\AppCompat
2016-03-28 23:57:17 ----D---- C:\Users\Ján\AppData\Roaming\uTorrent
2016-03-28 23:18:17 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-08-14 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-08-14 38016]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-04-25 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-29 9371136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-28 309760]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2016-03-20 20592]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-10 2544232]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-04-25 1027840]
R3 RTSUER;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2016-04-25 413912]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2016-04-25 3709656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-09-30 1393712]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 cpuz138;cpuz138; \??\C:\Users\JNA717~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2011-02-23 1142376]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-28 204288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
R2 ConfigFree Service;Služba ConfigFree; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20 154440]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S3 cfWiMAXService;Služba ConfigFree WiMAX; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-29 114688]
S3 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-03-24 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

nový log

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ján at 2016-04-26 22:39:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 266 GB (87%) free of 305 GB
Total RAM: 3692 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:28, on 26. 4. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\trend micro\Ján.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKCU\..\Run: [Total CMA Pack] C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba ConfigFree WiMAX (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: Služba ConfigFree (ConfigFree Service) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8208 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe"
taskeng.exe {EFA62D0D-58A8-481F-8BA3-95C93DD9DCEA}
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {0C27C7D7-5B8A-4B87-B004-F6C6CB0D46DA}
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2196
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {E0681345-3606-4628-AD8C-E39A93A9527E}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Ján\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\Partner64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-09-05 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2010-09-28 566184]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-10-28 915320]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-10 11580520]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-11-03 2181224]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-30 2387752]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Total CMA Pack"=C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [2011-09-30 63290]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-06-29 1409424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-29 336384]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-11-02 2475384]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-09-05 150992]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-15 34160]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-26 22:36:08 ----D---- C:\_OTM
2016-04-26 22:09:07 ----D---- C:\Program Files\trend micro
2016-04-26 22:09:04 ----D---- C:\rsit
2016-04-26 22:02:56 ----SHD---- C:\Config.Msi
2016-04-26 21:43:26 ----D---- C:\AdwCleaner
2016-04-26 20:45:14 ----D---- C:\Users\Ján\AppData\Roaming\GHISLER
2016-04-26 20:25:50 ----D---- C:\FRST
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\system32\KBDTAT.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\system32\KBDRU1.DLL
2016-04-26 00:17:17 ----A---- C:\Windows\system32\KBDRU.DLL
2016-04-26 00:17:16 ----A---- C:\Windows\system32\KBDYAK.DLL
2016-04-26 00:17:16 ----A---- C:\Windows\system32\KBDBASH.DLL
2016-04-25 23:26:27 ----A---- C:\Windows\SYSWOW64\IObitSmartDefragExtension.dll
2016-04-25 23:26:27 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2016-04-25 23:26:26 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2016-04-25 23:26:25 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2016-04-25 22:58:07 ----D---- C:\Windows\system32\MRT
2016-04-25 22:58:03 ----A---- C:\Windows\system32\MRT.exe
2016-04-25 22:32:04 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-04-25 22:32:04 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-04-25 22:31:46 ----A---- C:\Windows\SYSWOW64\RsCRIcon.dll
2016-04-25 22:31:46 ----A---- C:\Windows\system32\RtCRX64.dll
2016-04-25 22:31:46 ----A---- C:\Windows\system32\drivers\RtsUer.sys
2016-04-25 22:31:46 ----A---- C:\Windows\RtCRU64.exe
2016-04-25 22:30:46 ----A---- C:\Windows\system32\drivers\rtwlane.sys
2016-04-25 22:21:00 ----D---- C:\Windows\IObit
2016-04-25 22:20:44 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-04-25 22:18:43 ----D---- C:\Users\Ján\AppData\Roaming\ProductData
2016-04-25 22:18:24 ----D---- C:\ProgramData\ProductData
2016-04-25 22:17:36 ----D---- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-04-25 22:13:34 ----D---- C:\Users\Ján\AppData\Roaming\IObit
2016-04-25 22:13:29 ----D---- C:\ProgramData\IObit
2016-04-25 22:13:29 ----D---- C:\Program Files (x86)\IObit
2016-04-25 21:07:39 ----A---- C:\Windows\system32\FntCache.dll
2016-04-25 21:07:39 ----A---- C:\Windows\system32\DWrite.dll
2016-04-25 21:07:38 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-04-25 21:07:34 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2016-04-25 21:07:33 ----A---- C:\Windows\system32\d3d10warp.dll
2016-04-25 21:07:25 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-04-25 21:07:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2016-04-25 21:07:15 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-04-25 21:07:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-04-25 21:07:05 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2016-04-25 21:07:05 ----A---- C:\Windows\system32\WMPhoto.dll
2016-04-04 19:23:21 ----A---- C:\Windows\system32\certcli.dll
2016-04-04 19:23:20 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-04 19:19:51 ----A---- C:\Windows\system32\IEUDINIT.EXE
2016-03-29 01:15:43 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2016-03-29 01:15:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\msls31.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2016-03-29 01:15:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-29 01:15:33 ----A---- C:\Windows\system32\elshyph.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\url.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-29 01:15:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-29 01:15:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\mshta.exe
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2016-03-29 01:15:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-29 01:15:29 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-29 01:15:28 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\wininet.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\urlmon.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2016-03-29 01:15:27 ----A---- C:\Windows\system32\msls31.dll
2016-03-29 01:15:27 ----A---- C:\Windows\system32\jsIntl.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2016-03-29 01:15:26 ----A---- C:\Windows\system32\msrating.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\mshtmler.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\msfeedssync.exe
2016-03-29 01:15:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\jscript9.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\iesysprep.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\iertutil.dll
2016-03-29 01:15:26 ----A---- C:\Windows\system32\IEAdvpack.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\ieui.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\ieframe.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\ieapfltr.dat
2016-03-29 01:15:25 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-29 01:15:25 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\wextract.exe
2016-03-29 01:15:24 ----A---- C:\Windows\system32\webcheck.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\url.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\licmgr10.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\inseng.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iexpress.exe
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iesetup.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iernonce.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-29 01:15:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-29 01:15:24 ----A---- C:\Windows\system32\icardie.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\vbscript.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\pngfilt.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\occache.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\mshtml.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\mshta.exe
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-29 01:15:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-29 01:15:22 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-29 01:15:22 ----A---- C:\Windows\system32\jscript.dll
2016-03-29 01:15:22 ----A---- C:\Windows\system32\imgutil.dll
2016-03-29 01:15:22 ----A---- C:\Windows\system32\iepeers.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-03-29 00:56:29 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-03-29 00:56:28 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-03-29 00:56:28 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2016-03-29 00:56:28 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2016-03-29 00:56:28 ----A---- C:\Windows\system32\XpsPrint.dll
2016-03-29 00:56:27 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2016-03-29 00:56:27 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2016-03-29 00:56:27 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2016-03-29 00:56:27 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2016-03-29 00:56:27 ----A---- C:\Windows\system32\dxgi.dll
2016-03-29 00:56:27 ----A---- C:\Windows\system32\d2d1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\UIAnimation.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10level9.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10core.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10_1core.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10_1.dll
2016-03-29 00:56:26 ----A---- C:\Windows\system32\d3d10.dll
2016-03-28 23:23:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-03-28 21:04:26 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-28 21:04:25 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2016-04-26 22:39:10 ----D---- C:\Windows\Temp
2016-04-26 22:36:08 ----D---- C:\Windows\Tasks
2016-04-26 22:13:24 ----SHD---- C:\Windows\Installer
2016-04-26 22:13:14 ----D---- C:\Windows\Microsoft.NET
2016-04-26 22:09:07 ----RD---- C:\Program Files
2016-04-26 22:05:54 ----D---- C:\Windows\SysWOW64
2016-04-26 22:05:25 ----D---- C:\Windows\inf
2016-04-26 22:05:21 ----D---- C:\Windows\System32
2016-04-26 22:05:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-26 22:00:38 ----SHD---- C:\System Volume Information
2016-04-26 21:55:07 ----D---- C:\Windows\system32\Tasks
2016-04-26 21:52:27 ----D---- C:\Windows\system32\config
2016-04-26 21:47:37 ----HD---- C:\ProgramData
2016-04-26 20:45:14 ----SD---- C:\Program Files (x86)\Total CMA Pack
2016-04-26 20:28:39 ----D---- C:\Windows
2016-04-26 19:38:54 ----D---- C:\Windows\system32\catroot2
2016-04-26 19:38:45 ----D---- C:\Windows\winsxs
2016-04-26 19:32:39 ----D---- C:\Windows\SYSWOW64\sda
2016-04-26 19:32:38 ----D---- C:\Windows\system32\drivers
2016-04-26 19:26:19 ----RSD---- C:\Windows\Fonts
2016-04-26 01:14:00 ----RSD---- C:\Windows\assembly
2016-04-26 00:15:18 ----D---- C:\Windows\SoftwareDistribution
2016-04-26 00:14:32 ----D---- C:\Program Files (x86)\Google
2016-04-26 00:12:19 ----D---- C:\Program Files (x86)\Common Files
2016-04-26 00:11:59 ----D---- C:\Windows\debug
2016-04-25 23:21:50 ----RD---- C:\Program Files (x86)
2016-04-25 23:21:50 ----D---- C:\Program Files\Windows Media Player
2016-04-25 23:21:50 ----D---- C:\Program Files\Common Files\System
2016-04-25 23:21:50 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-04-25 23:21:50 ----D---- C:\Program Files (x86)\Windows Media Player
2016-04-25 22:39:45 ----D---- C:\Windows\system32\catroot
2016-04-25 22:39:29 ----D---- C:\Windows\ehome
2016-04-25 22:39:28 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-04-25 22:39:28 ----D---- C:\Windows\system32\sk-SK
2016-04-25 22:39:28 ----D---- C:\Program Files\Windows Journal
2016-04-25 22:39:27 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-25 22:39:27 ----D---- C:\Windows\system32\en-US
2016-04-25 22:34:42 ----D---- C:\Windows\system32\DriverStore
2016-04-25 22:32:04 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-04-25 22:27:52 ----D---- C:\Windows\Panther
2016-04-25 22:27:52 ----D---- C:\Windows\Logs
2016-04-25 22:27:29 ----D---- C:\Users\Ján\AppData\Roaming\MPC-HC
2016-04-25 22:20:44 ----D---- C:\Windows\SYSWOW64\drivers
2016-04-25 22:08:22 ----D---- C:\Windows\system32\wdi
2016-04-22 09:57:45 ----N---- C:\Windows\system32\MpSigStub.exe
2016-04-04 19:55:18 ----D---- C:\Windows\Prefetch
2016-04-04 19:46:42 ----D---- C:\Program Files\Internet Explorer
2016-04-04 19:46:42 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-04 19:46:38 ----D---- C:\Windows\SYSWOW64\migration
2016-04-04 19:46:34 ----D---- C:\Windows\system32\migration
2016-04-04 19:46:34 ----D---- C:\Windows\PolicyDefinitions
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\zh-HK
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\pt-PT
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\pt-BR
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\ko-KR
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\it-IT
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-04-04 19:46:30 ----D---- C:\Windows\SYSWOW64\el-GR
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\zh-TW
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\zh-CN
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\sv-SE
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\ru-RU
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\nl-NL
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\nb-NO
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\ja-JP
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\fr-FR
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\es-ES
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\de-DE
2016-04-04 19:46:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-04-04 19:46:28 ----D---- C:\Windows\SYSWOW64\da-DK
2016-04-04 19:46:27 ----D---- C:\Windows\system32\zh-HK
2016-04-04 19:46:27 ----D---- C:\Windows\system32\pt-PT
2016-04-04 19:46:27 ----D---- C:\Windows\system32\pt-BR
2016-04-04 19:46:27 ----D---- C:\Windows\system32\pl-PL
2016-04-04 19:46:27 ----D---- C:\Windows\system32\ko-KR
2016-04-04 19:46:27 ----D---- C:\Windows\system32\it-IT
2016-04-04 19:46:27 ----D---- C:\Windows\system32\hu-HU
2016-04-04 19:46:27 ----D---- C:\Windows\system32\el-GR
2016-04-04 19:46:26 ----D---- C:\Windows\system32\zh-TW
2016-04-04 19:46:26 ----D---- C:\Windows\system32\zh-CN
2016-04-04 19:46:26 ----D---- C:\Windows\system32\tr-TR
2016-04-04 19:46:26 ----D---- C:\Windows\system32\sv-SE
2016-04-04 19:46:26 ----D---- C:\Windows\system32\ru-RU
2016-04-04 19:46:26 ----D---- C:\Windows\system32\nl-NL
2016-04-04 19:46:26 ----D---- C:\Windows\system32\nb-NO
2016-04-04 19:46:26 ----D---- C:\Windows\system32\ja-JP
2016-04-04 19:46:26 ----D---- C:\Windows\system32\fr-FR
2016-04-04 19:46:26 ----D---- C:\Windows\system32\fi-FI
2016-04-04 19:46:26 ----D---- C:\Windows\system32\es-ES
2016-04-04 19:46:26 ----D---- C:\Windows\system32\de-DE
2016-04-04 19:46:26 ----D---- C:\Windows\system32\cs-CZ
2016-04-04 19:46:25 ----D---- C:\Windows\system32\da-DK
2016-04-04 19:46:23 ----D---- C:\Windows\system32\drivers\en-US
2016-04-04 19:46:19 ----D---- C:\Windows\SYSWOW64\Dism
2016-04-04 19:46:18 ----D---- C:\Windows\system32\Dism
2016-04-04 19:46:09 ----D---- C:\Windows\system32\AdvancedInstallers
2016-04-04 19:46:02 ----D---- C:\Windows\tracing
2016-04-04 19:46:02 ----D---- C:\Program Files\Windows Defender
2016-04-04 19:46:02 ----D---- C:\Program Files (x86)\Windows Defender
2016-04-04 19:45:53 ----D---- C:\Windows\system32\CodeIntegrity
2016-04-04 19:45:53 ----D---- C:\Windows\system32\Boot
2016-04-04 19:45:38 ----D---- C:\Windows\AppPatch
2016-04-04 19:20:54 ----D---- C:\Windows\AppCompat
2016-03-28 23:57:17 ----D---- C:\Users\Ján\AppData\Roaming\uTorrent
2016-03-28 23:18:17 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-08-14 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-08-14 38016]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2010-03-22 46192]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-04-25 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-29 9371136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-28 309760]
R3 CeKbFilter;CeKbFilter; C:\Windows\system32\DRIVERS\CeKbFilter.sys [2016-03-20 20592]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-10 2544232]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-04-25 1027840]
R3 RTSUER;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2016-04-25 413912]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2016-04-25 3709656]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-09-30 1393712]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 cpuz138;cpuz138; \??\C:\Users\JNA717~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-07-20 247400]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\Windows\system32\DRIVERS\rtl8192Ce.sys [2011-02-23 1142376]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-28 204288]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 ConfigFree Service;Služba ConfigFree; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20 154440]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-01-14 2945312]
S3 cfWiMAXService;Služba ConfigFree WiMAX; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-29 114688]
S3 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-03-24 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

no takto nejako

Obrázek

Na zkoušku vypbněte aut. aktualizace a zkontrolujte zatížení.

Pomohlo síce po vypnutí aktualizácií to vyzeralo zle ale po reštarte to ide celkom fajn. Dá sa to nejako poriešiť alebo mám nechať vypnuté aktualizácie?

po vypnutí aktualizácií
Obrázek

Některá aktualizace se zřejmě nezdařila. Ponechte je vypnuté a zapněte je 2. středu v květnu (datum dalších pravidekných aktualizací. Většinou se povede odstranit ten problém.

VIRY.CZ

Vyťažené CPU

Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU

Re: Vyťažené CPU