Random preventive check of a laptop.

Posted: 15 Sep 2016 08:47
by Ruben
Hello,

I am turning to this forum again, having had nothing but good experiences here, with a request for a preventive check, this time of my laptop. I have a slight suspicion that the slowdowns / freezing are caused by the HDD, but I want to verify it this way first, and if that really turns out to be true I will go ahead with a replacement, since I have almost everything on the laptop backed up. I use it mainly for work, though occasionally I also play something on it.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Caco at 2016-09-15 09:47:03
Microsoft Windows 10 Home
System drive C: has 38 GB (14%) free of 276 GB
Total RAM: 8093 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:05, on 15.09.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)
Boot mode: Normal

Running processes:
C:\Users\Caco\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Crawler\IMToolPack\IMToolP.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Caco\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
C:\Program Files\trend micro\Caco.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IMToolPack] "C:\Program Files (x86)\Crawler\IMToolPack\IMToolP.exe"
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Caco\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [f.lux] "C:\Users\Caco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Caco\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: League Screensaver (LolScreenSaverService) - Unknown owner - C:\Riot Games\LolScreenSaver\service\service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14027 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-03002c0d-1bad-4aac-a060-078ec95b4c4c -SystemEventPortName:HostProcess-3871f94e-9b42-498c-b279-bc08c743d4d7 -IoCancelEventPortName:HostProcess-72aa3844-6f9b-447b-8a38-65b61e16d1d2 -NonStateChangingEventPortName:HostProcess-efce4b50-bf08-4eb1-826d-93d9ff0e5b7f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3e2dba4f-e44d-4214-bf87-5f6688758df0 -DeviceGroupId:WudfDefaultDevicePool
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc

"C:\Riot Games\LolScreenSaver\service\service.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
PopUpReboot
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
igfxHK.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Users\Caco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Crawler\IMToolPack\IMToolP.exe"
"C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe"
"C:\Users\Caco\AppData\Local\Apps\2.0\EXEG6B30.V1W\DOL7CZNY.EJD\lsb...tion_91a10ba61c75c82d_0001.0006_014be6b8b4b27d94\LSB.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\Caco\AppData\Roaming\uTorrent\uTorrent.exe" C:\Users\Caco\AppData\Local\Temp\[kickass.cd]-4.torrent
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="5296.3.121696289\433544109" "C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5296 "\\.\pipe\gecko-crash-server-pipe.5296" plugin
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe" --proxy-stub-channel=Flash1284.6721D1B8.24831 --host-broker-channel=Flash1284.6721D1B8.21391 --host-pid=1284 --host-npapi-version=29 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_23_0_0_162.dll"
"C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe" --channel=2328.010FF50C.13106327 --proxy-stub-channel=Flash1284.6721D1B8.24831 --plugin-path="C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32_23_0_0_162.dll" --host-npapi-version=29 --type=renderer
taskhostw.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files\Speccy\Speccy64.exe" /uac
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

rundll32.exe aeinv.dll,UpdateSoftwareInventory

"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Caco\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Caco\AppData\Roaming\Mozilla\Firefox\Profiles\q4ngluuh.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=U270DF&PC=U270&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPCrwPd.dll
npMeetingJoinPluginOC.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA

C:\Users\Caco\AppData\Roaming\Mozilla\Firefox\Profiles\q4ngluuh.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26 553024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-07-12 2348840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26 214080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19 164496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-07-12 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll [2011-03-19 164496]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-12-09 3242696]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2015-12-09 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2015-12-09 193008]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30 499608]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Caco\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-14 551112]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
"f.lux"=C:\Users\Caco\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-14 29502592]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-11-16 8591272]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
"AdobeBridge"= []
"uTorrent"=C:\Users\Caco\AppData\Roaming\uTorrent\uTorrent.exe [2016-09-12 2139840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe [2010-12-08 241757]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"IMToolPack"=C:\Program Files (x86)\Crawler\IMToolPack\IMToolP.exe [2015-01-27 1243024]
"ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2016-05-11 75264]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-15 09:44:20 ----D---- C:\rsit
2016-09-15 09:44:20 ----D---- C:\Program Files\trend micro
2016-09-15 09:26:30 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-09-15 09:25:35 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-09-15 09:25:35 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-09-15 09:25:35 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-09-05 16:47:13 ----HD---- C:\$WINDOWS.~BT
2016-09-03 23:14:15 ----D---- C:\Program Files (x86)\Valve
2016-09-03 20:52:29 ----D---- C:\ProgramData\LogMeIn
2016-09-03 20:52:07 ----AD---- C:\Program Files (x86)\LogMeIn Hamachi
2016-09-03 19:51:38 ----D---- C:\R.G. Catalyst
2016-09-03 14:20:14 ----D---- C:\ProgramData\ATI
2016-09-03 14:11:56 ----A---- C:\WINDOWS\system32\drivers\amdkmpfd.sys
2016-09-03 13:37:41 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2016-09-03 13:37:41 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2016-09-03 13:37:41 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2016-09-03 13:37:41 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2016-09-03 13:36:58 ----D---- C:\Program Files (x86)\VulkanRT
2016-09-03 13:36:11 ----AD---- C:\Program Files (x86)\AMD
2016-09-03 13:00:16 ----D---- C:\Users\Caco\AppData\Roaming\Crystal Dynamics
2016-09-03 12:35:02 ----D---- C:\Program Files (x86)\Rise of the Tomb Raider
2016-09-01 12:41:35 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\GameManager32.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\mantle64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\GameManager64.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\dgtrayicon.exe
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\detoured.dll
2016-08-31 20:40:14 ----A---- C:\WINDOWS\system32\coinst_16.30.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\clinfo.exe
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_vi.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativvaxy_cik.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativce03.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\ativce02.dat
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2016-08-31 20:40:12 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2016-08-31 20:40:10 ----A---- C:\WINDOWS\system32\atiumd64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atitmm64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atisamu64.dll
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\ATIODE.exe
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2016-08-31 20:40:08 ----A---- C:\WINDOWS\system32\atio6axx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atimuixx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atimpc64.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atig6txx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2016-08-31 20:40:06 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2016-08-31 20:40:04 ----A---- C:\WINDOWS\system32\atieclxx.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\system32\atieah64.exe
2016-08-31 20:40:04 ----A---- C:\WINDOWS\system32\atidxx64.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\atidemgy.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\aticfx64.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2016-08-31 20:40:02 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2016-08-31 20:40:00 ----A---- C:\WINDOWS\system32\amfrt64.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\SYSWOW64\amfrt32.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-08-31 20:39:58 ----A---- C:\WINDOWS\system32\amdxc64.dll
2016-08-31 20:39:56 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll
2016-08-31 20:39:54 ----A---- C:\WINDOWS\SYSWOW64\amdvlk32.dll
2016-08-31 20:39:54 ----A---- C:\WINDOWS\system32\amdvlk64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\SYSWOW64\amdoclvp9lib32.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdocl64.dll
2016-08-31 20:39:52 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\SYSWOW64\amdmcl32.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmcl64.dll
2016-08-31 20:39:50 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdlvr64.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdicdxx.dat
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2016-08-31 20:39:48 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amde34b.dat
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amde34a.dat
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amde31a.dat
2016-08-31 20:39:46 ----A---- C:\WINDOWS\system32\amdave64.dll
2016-08-27 08:02:24 ----D---- C:\Program Files (x86)\Activision
2016-08-21 03:09:49 ----D---- C:\Cataclysm
2016-08-20 13:24:31 ----HD---- C:\WINDOWS\msdownld.tmp
2016-08-19 20:11:06 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2016-08-19 20:11:06 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2016-08-19 20:11:06 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-08-19 20:11:06 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-08-19 20:11:06 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-08-19 17:32:54 ----D---- C:\ProgramData\launcher
2016-08-19 17:32:54 ----D---- C:\ProgramData\explauncher
2016-08-19 17:32:31 ----D---- C:\Program Files\Paragon Software
2016-08-19 17:22:59 ----D---- C:\Program Files (x86)\PowerQuest

======List of files/folders modified in the last 1 month======

2016-09-15 09:47:01 ----D---- C:\Users\Caco\AppData\Roaming\uTorrent
2016-09-15 09:44:25 ----D---- C:\WINDOWS\Prefetch
2016-09-15 09:44:20 ----RD---- C:\Program Files
2016-09-15 09:37:26 ----D---- C:\Users\Caco\AppData\Roaming\vlc
2016-09-15 09:36:07 ----D---- C:\WINDOWS\system32\sru
2016-09-15 09:36:06 ----D---- C:\Windows
2016-09-15 09:36:04 ----D---- C:\WINDOWS\Temp
2016-09-15 09:26:30 ----D---- C:\WINDOWS\system32\drivers
2016-09-15 09:25:46 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-15 09:19:33 ----SHD---- C:\WINDOWS\Installer
2016-09-15 09:19:33 ----SHD---- C:\Config.Msi
2016-09-15 09:19:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2016-09-15 09:19:27 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-15 09:19:27 ----D---- C:\WINDOWS\INF
2016-09-15 09:17:57 ----D---- C:\Program Files (x86)\Steam
2016-09-15 09:17:46 ----D---- C:\WINDOWS\Logs
2016-09-15 09:17:46 ----D---- C:\WINDOWS\debug
2016-09-15 09:04:51 ----D---- C:\WINDOWS\system32\config
2016-09-15 08:51:02 ----D---- C:\WINDOWS\WinSxS
2016-09-15 08:43:37 ----D---- C:\WINDOWS\Microsoft.NET
2016-09-15 08:43:35 ----RSD---- C:\WINDOWS\assembly
2016-09-15 07:47:36 ----D---- C:\WINDOWS\CbsTemp
2016-09-15 07:11:47 ----D---- C:\WINDOWS\system32\Tasks
2016-09-14 20:13:44 ----D---- C:\WINDOWS\system32\CatRoot
2016-09-14 20:04:12 ----D---- C:\WINDOWS\system32\MRT
2016-09-14 20:03:55 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-09-14 20:03:12 ----D---- C:\ProgramData\Microsoft Help
2016-09-14 20:03:11 ----A---- C:\WINDOWS\win.ini
2016-09-14 20:01:18 ----SHD---- C:\System Volume Information
2016-09-14 18:12:39 ----D---- C:\WINDOWS\AppReadiness
2016-09-14 07:08:47 ----D---- C:\WINDOWS\SysWOW64
2016-09-13 21:01:35 ----D---- C:\WINDOWS\system32\catroot2
2016-09-13 20:10:10 ----D---- C:\WINDOWS\system32\Macromed
2016-09-13 20:10:05 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2016-09-13 20:09:30 ----AD---- C:\WINDOWS\System32
2016-09-13 20:09:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-11 18:29:39 ----HD---- C:\Program Files\WindowsApps
2016-09-07 20:55:11 ----D---- C:\Users\Caco\AppData\Roaming\TS3Client
2016-09-07 03:00:59 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-09-05 16:47:30 ----DC---- C:\WINDOWS\Panther
2016-09-04 21:44:46 ----D---- C:\Users\Caco\AppData\Roaming\Skype
2016-09-03 23:14:15 ----RD---- C:\Program Files (x86)
2016-09-03 20:52:29 ----HD---- C:\ProgramData
2016-09-03 20:10:47 ----D---- C:\WINDOWS\SYSWOW64\directx
2016-09-03 14:11:56 ----AD---- C:\Program Files\AMD
2016-09-03 14:09:01 ----D---- C:\AMD
2016-09-03 13:30:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-03 13:11:59 ----D---- C:\ProgramData\Package Cache
2016-09-02 19:48:31 ----D---- C:\Users\Caco\AppData\Roaming\DAEMON Tools Lite
2016-09-02 19:48:25 ----D---- C:\WINDOWS\Minidump
2016-09-01 21:13:37 ----D---- C:\WINDOWS\system32\appraiser
2016-08-29 15:39:17 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2016-08-20 21:18:57 ----D---- C:\WINDOWS\rescache
2016-08-20 03:47:28 ----D---- C:\WINDOWS\Tasks
2016-08-20 03:47:28 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-20 03:47:28 ----D---- C:\WINDOWS\system32\spp
2016-08-20 03:47:28 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-20 03:46:51 ----HD---- C:\WINDOWS\system32\GroupPolicy
2016-08-20 03:46:50 ----D---- C:\WINDOWS\SYSWOW64\GroupPolicy
2016-08-20 03:45:35 ----D---- C:\WINDOWS\system32\wbem
2016-08-20 03:43:16 ----D---- C:\WINDOWS\registration
2016-08-20 03:42:04 ----D---- C:\Riot Games
2016-08-20 03:38:24 ----D---- C:\WINDOWS\system32\LogFiles
2016-08-20 03:38:22 ----SHD---- C:\Recovery
2016-08-19 20:11:25 ----D---- C:\WINDOWS\OCR
2016-08-19 17:58:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-08-19 17:58:49 ----D---- C:\WINDOWS\system32\en-US
2016-08-19 17:58:45 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-19 17:58:44 ----D---- C:\Program Files\Windows Journal
2016-08-19 17:58:44 ----D---- C:\Program Files\Internet Explorer
2016-08-19 17:58:44 ----D---- C:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem110.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-08-31 78704]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2015-12-09 39008]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-03-18 27552]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 ACPIVPC;@oem2.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-12-09 35600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-08-31 26719376]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-08-31 510096]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2015-10-30 4207104]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-12-10 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-03 84992]
R3 CnxtHdAudService;@oem3.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-12-09 1561728]
R3 cpuz138;cpuz138; \??\C:\Users\Caco\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [2016-09-15 27320]
R3 dtlitescsibus;@oem22.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-02-05 30264]
R3 dtliteusbbus;@oem26.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-02-05 47672]
R3 ETD;@oem12.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-12-09 525512]
R3 Hamachi;@oem111.inf,%Hamachi.Service.DispName%;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2016-07-20 45680]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-09 3797424]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem17.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-30 121344]
R3 MEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-12-09 195336]
R3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2011-02-11 35344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 AndnetBus;@oem37.inf,%LGSI.Service.Desc%;LGE Mobile USB Composite Device; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [2014-05-08 19456]
S3 AndNetDiag;@oem32.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [2014-03-28 29184]
S3 ANDNetModem;@oem34.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [2014-03-28 36352]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-03 112640]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-08-03 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-08-03 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-12-11 117248]
S3 dg_ssudbus;@oem51.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-04-25 129152]
S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 ggflt;@oem53.inf,%SvcFltDesc%;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2016-05-18 16088]
S3 ggsomc;@oem53.inf,%SvcDesc%;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2016-05-18 30424]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 OAfilt;OAfilt; C:\WINDOWS\system32\drivers\OAfilt.sys [2011-07-15 23552]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-08-31 279184]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-12-09 144072]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2016-05-11 9216]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-09 330136]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R2 LolScreenSaverService;League Screensaver; C:\Riot Games\LolScreenSaver\service\service.exe [2016-03-30 707072]
R2 OneSyncSvc_36925;Sync Host_36925; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-09 291744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-24 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
S2 DUMeterSvc;DU Meter Service; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [2016-04-27 5831832]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-09 144200]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_118ad0;Sync Host_118ad0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_22627;Sync Host_22627; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_26764;Sync Host_26764; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27418;Sync Host_27418; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ac8c;Sync Host_2ac8c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2b4b9;Sync Host_2b4b9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ce44;Sync Host_2ce44; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2db60;Sync Host_2db60; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2e1ed;Sync Host_2e1ed; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2e201;Sync Host_2e201; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2e2a7;Sync Host_2e2a7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2e347;Sync Host_2e347; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ef06;Sync Host_2ef06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2fbbc;Sync Host_2fbbc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ff6d;Sync Host_2ff6d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_306d4;Sync Host_306d4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_30963;Sync Host_30963; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_30ab6;Sync Host_30ab6; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_31010;Sync Host_31010; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_313c2;Sync Host_313c2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_31634;Sync Host_31634; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_321b5;Sync Host_321b5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_32228;Sync Host_32228; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3233f;Sync Host_3233f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3252a;Sync Host_3252a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_32c06;Sync Host_32c06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_32d29;Sync Host_32d29; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_32d45;Sync Host_32d45; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_32e7a;Sync Host_32e7a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_32f16;Sync Host_32f16; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_33148;Sync Host_33148; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_334cc;Sync Host_334cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_33dcb;Sync Host_33dcb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_341a4;Sync Host_341a4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_34bd5;Sync Host_34bd5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3563c;Sync Host_3563c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_35658;Sync Host_35658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_35661;Sync Host_35661; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3573e;Sync Host_3573e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_36d7c;Sync Host_36d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_37205;Sync Host_37205; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_38fbd;Sync Host_38fbd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3c19a;Sync Host_3c19a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3cb45;Sync Host_3cb45; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_403d9;Sync Host_403d9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4d01f;Sync Host_4d01f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4fbb0;Sync Host_4fbb0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_6733d;Sync Host_6733d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_6a868;Sync Host_6a868; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_711ec;Sync Host_711ec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_72aee;Sync Host_72aee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_7bbb2;Sync Host_7bbb2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_e6ad187;Sync Host_e6ad187; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2015-12-09 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2015-12-09 79360]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-09 144200]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_118ad0;MessagingService_118ad0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_22627;MessagingService_22627; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_26764;MessagingService_26764; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27418;MessagingService_27418; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ac8c;MessagingService_2ac8c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2b4b9;MessagingService_2b4b9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ce44;MessagingService_2ce44; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2db60;MessagingService_2db60; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e1ed;MessagingService_2e1ed; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e201;MessagingService_2e201; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e2a7;MessagingService_2e2a7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e347;MessagingService_2e347; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ef06;MessagingService_2ef06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2fbbc;MessagingService_2fbbc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ff6d;MessagingService_2ff6d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_306d4;MessagingService_306d4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_30963;MessagingService_30963; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_30ab6;MessagingService_30ab6; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_31010;MessagingService_31010; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_313c2;MessagingService_313c2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_31634;MessagingService_31634; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_321b5;MessagingService_321b5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32228;MessagingService_32228; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3233f;MessagingService_3233f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3252a;MessagingService_3252a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32c06;MessagingService_32c06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32d29;MessagingService_32d29; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32d45;MessagingService_32d45; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32e7a;MessagingService_32e7a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_32f16;MessagingService_32f16; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_33148;MessagingService_33148; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_334cc;MessagingService_334cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_33dcb;MessagingService_33dcb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_341a4;MessagingService_341a4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_34bd5;MessagingService_34bd5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3563c;MessagingService_3563c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_35658;MessagingService_35658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_35661;MessagingService_35661; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3573e;MessagingService_3573e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_36925;MessagingService_36925; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_36d7c;MessagingService_36d7c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_37205;MessagingService_37205; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_38fbd;MessagingService_38fbd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3c19a;MessagingService_3c19a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3cb45;MessagingService_3cb45; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_403d9;MessagingService_403d9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4d01f;MessagingService_4d01f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4fbb0;MessagingService_4fbb0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_6733d;MessagingService_6733d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_6a868;MessagingService_6a868; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_711ec;MessagingService_711ec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_72aee;MessagingService_72aee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_7bbb2;MessagingService_7bbb2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_e6ad187;MessagingService_e6ad187; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-01 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_118ad0;Contact Data_118ad0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_22627;Contact Data_22627; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_26764;Contact Data_26764; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27418;Contact Data_27418; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ac8c;Contact Data_2ac8c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2b4b9;Contact Data_2b4b9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ce44;Contact Data_2ce44; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2db60;Contact Data_2db60; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e1ed;Contact Data_2e1ed; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e201;Contact Data_2e201; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e2a7;Contact Data_2e2a7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e347;Contact Data_2e347; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ef06;Contact Data_2ef06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2fbbc;Contact Data_2fbbc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ff6d;Contact Data_2ff6d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_306d4;Contact Data_306d4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_30963;Contact Data_30963; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_30ab6;Contact Data_30ab6; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_31010;Contact Data_31010; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_313c2;Contact Data_313c2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_31634;Contact Data_31634; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_321b5;Contact Data_321b5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_32228;Contact Data_32228; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3233f;Contact Data_3233f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3252a;Contact Data_3252a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_32c06;Contact Data_32c06; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_32d29;Contact Data_32d29; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_32d45;Contact Data_32d45; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_32e7a;Contact Data_32e7a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_32f16;Contact Data_32f16; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_33148;Contact Data_33148; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_334cc;Contact Data_334cc; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_33dcb;Contact Data_33dcb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_341a4;Contact Data_341a4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_34bd5;Contact Data_34bd5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3563c;Contact Data_3563c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_35658;Contact Data_35658; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_35661;Contact Data_35661; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3573e;Contact Data_3573e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Re: Random preventive check of the laptop.

Posted: 16 Sep 2016 13:13
by altrok
I wish you a lovely day :bye:


:arrow: As part of the cleanup, your temporary folders will be emptied (including the Recycle Bin).


:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

Re: Random preventive check of the laptop.

Posted: 16 Sep 2016 18:37
by Ruben
# AdwCleaner v6.020 - Logfile created 16/09/2016 at 19:31:20
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-16.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Caco - DESKTOP-UUTGOCQ
# Running from : C:\Users\Caco\Desktop\adwcleaner_6.020.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Program Files (x86)\MTV20151125
[-] Folder deleted: C:\Program Files\amdidx
[-] Folder deleted: C:\Program Files (x86)\Crawler
[-] Folder deleted: C:\Program Files (x86)\Common Files\freemake shared
[-] Folder deleted: C:\Users\Caco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Files ] *****

[-] File deleted: C:\Users\Caco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\CShared.TB4Client
[-] Key deleted: HKLM\SOFTWARE\Classes\CShared.TB4Script
[-] Key deleted: HKLM\SOFTWARE\Classes\CShared.TB4Server
[-] Key deleted: HKLM\SOFTWARE\Classes\CShared.TB4Server2
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\CShared.TB4Client
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\CShared.TB4Script
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\CShared.TB4Server
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\CShared.TB4Server2
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DB35C569-5624-4CFC-8043-E5139F55A073}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key deleted: HKU\S-1-5-21-1361181530-3041110137-370684819-1001\Software\CToolbar
[#] Key deleted on reboot: HKCU\Software\CToolbar
[-] Key deleted: HKLM\SOFTWARE\CToolbar
[#] Key deleted on reboot: [x64] HKCU\Software\CToolbar
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

[-] [C:\Users\Caco\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: mysites123
[-] [C:\Users\Caco\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [15377 Bytes] - [04/01/2016 02:22:58]
C:\AdwCleaner\AdwCleaner[C2].txt - [3747 Bytes] - [16/09/2016 19:31:20]
C:\AdwCleaner\AdwCleaner[S1].txt - [18613 Bytes] - [04/01/2016 02:17:54]
C:\AdwCleaner\AdwCleaner[S2].txt - [3861 Bytes] - [16/09/2016 19:29:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3967 Bytes] ##########

Re: Random preventive check of the laptop.

Posted: 17 Sep 2016 12:06
by altrok
:arrow: Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Note: on the second and any later run of FRST, you must explicitly tick this option before the scan starts for the Addition.txt log to be created.

Re: Random preventive check of the laptop.

Posted: 17 Sep 2016 16:49
by Ruben
The requested URL /pro_usery/FRSTLauncher.exe was not found on this server.

Re: Random preventive check of the laptop.

Posted: 18 Sep 2016 03:15
by altrok
In that case, just use FRST.exe/FRST64.exe on its own

Re: Random preventive check of the laptop.

Posted: 18 Sep 2016 08:37
by Ruben
Logs are in the attachment /Your message contains 142279 characters. The maximum allowed number of characters is 100000./

Re: Random preventive check of the laptop.

Posted: 18 Sep 2016 14:32
by altrok
:arrow: We will take another look at the disk. The OS is already shouting that something is not quite right with it.

Code: Select all

System errors:
=============
Error: (09/18/2016 09:21:11 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

:arrow: Uninstall the old and vulnerable version of Java. If you need Java, install the new one from java.com/verify - watch out for adware during installation. Then make sure the older versions are uninstalled. From a security standpoint (vulnerabilities and exploits) it is better not to have it. The current version is 8U101. Versions of Java you have installed on the PC:

  • Java 8 Update 77 (64-bit)
  • Java 8 Update 77



:arrow: After the restart, let me know how the PC behaves.



  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will be saved on the desktop; paste its contents into your next reply

    Code: Select all

    Start
    CreateRestorePoint:
    CloseProcesses:
    File: C:\Users\Caco\Downloads\Stream\Twitch-Alerts\Twitch  Alerts\Release\NativeMessagingInterface.exe
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {28362303-d0b7-11e5-9be3-48d224a53a59} - "H:\LG_PC_Programs.exe" 
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {506d75fc-aa17-11e5-9bd3-48d224a57b6d} - "G:\autorun.exe" 
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {74348584-41c9-11e6-9c05-48d224a53a59} - "D:\autorun.exe" 
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {bda30cf8-166e-11e6-9bf8-48d224a53a59} - "G:\autorun.exe" 
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {c3dbec74-cb7e-11e5-9be2-48d224a53a59} - "G:\setup.exe" 
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {c3dbed6e-cb7e-11e5-9be2-48d224a53a59} - "G:\Setup.exe" 
    HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {cf3e40e9-18e3-11e6-9bfa-208984f6fee5} - "D:\autorun.exe" 
    FF Extension: (Constant Fun) - C:\Users\Caco\AppData\Roaming\Mozilla\Firefox\Profiles\q4ngluuh.default\Extensions\{842ae454-3d80-4049-bd27-7cf40a44d677}.xpi [2016-01-02] [not signed]
    File: C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22
    Folder: C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22
    CMD: type "C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22"
    CHR DefaultSearchURL: Default -> hxxp://mysites123.com/web?type=ds&ts=1451865786&z=1d1a0f887a98c598eb20c2dg2z8w7g2bbqew0m4b4q&from=amt&uid=st500lm000-1ej162_w370dnbmxxxxw370dnbm&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> mysites123
    2016-09-16 19:27 - 2016-09-16 19:28 - 03861056 _____ C:\Users\Caco\Desktop\adwcleaner_6.020.exe
    2016-09-15 09:44 - 2016-09-15 09:47 - 00000000 ____D C:\Program Files\trend micro
    2016-09-15 09:44 - 2016-09-15 09:44 - 00000000 ____D C:\rsit
    2016-09-15 09:42 - 2016-09-15 09:44 - 01222144 _____ C:\Users\Caco\Downloads\RSITx64.exe
    2016-09-15 09:20 - 2016-09-15 09:21 - 22851472 _____ (Malwarebytes ) C:\Users\Caco\Downloads\mbam-setup-2.2.1.1043.exe
    2016-09-17 19:37 - 2016-01-04 03:52 - 00003804 _____ C:\WINDOWS\System32\Tasks\AutoKMS
    File: C:\Users\Caco\AppData\Local\Y-ex.dat
    Task: {F9E69D76-3F5F-4CDC-A77F-7439E8C05504} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-01-04] ()
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End

Re: Random preventive check of the laptop.

Posted: 18 Sep 2016 16:32
by Ruben
Uninstalled and fixed.

So far it hasn't frozen at all, which used to happen about once an hour. It looks better.
//Edit: after about an hour and a bit, it froze again...

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-09-2016
Ran by Caco (18-09-2016 15:49:00) Run:1
Running from C:\Users\Caco\Desktop
Loaded Profiles: Caco (Available Profiles: Caco)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Users\Caco\Downloads\Stream\Twitch-Alerts\Twitch Alerts\Release\NativeMessagingInterface.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {28362303-d0b7-11e5-9be3-48d224a53a59} - "H:\LG_PC_Programs.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {506d75fc-aa17-11e5-9bd3-48d224a57b6d} - "G:\autorun.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {74348584-41c9-11e6-9c05-48d224a53a59} - "D:\autorun.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {bda30cf8-166e-11e6-9bf8-48d224a53a59} - "G:\autorun.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {c3dbec74-cb7e-11e5-9be2-48d224a53a59} - "G:\setup.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {c3dbed6e-cb7e-11e5-9be2-48d224a53a59} - "G:\Setup.exe"
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\...\MountPoints2: {cf3e40e9-18e3-11e6-9bfa-208984f6fee5} - "D:\autorun.exe"
FF Extension: (Constant Fun) - C:\Users\Caco\AppData\Roaming\Mozilla\Firefox\Profiles\q4ngluuh.default\Extensions\{842ae454-3d80-4049-bd27-7cf40a44d677}.xpi [2016-01-02] [not signed]
File: C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22
Folder: C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22
CMD: type "C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22"
CHR DefaultSearchURL: Default -> hxxp://mysites123.com/web?type=ds&ts=1451865786&z=1d1a0f887a98c598eb20c2dg2z8w7g2bbqew0m4b4q&from=amt&uid=st500lm000-1ej162_w370dnbmxxxxw370dnbm&q={searchTerms}
CHR DefaultSearchKeyword: Default -> mysites123
2016-09-16 19:27 - 2016-09-16 19:28 - 03861056 _____ C:\Users\Caco\Desktop\adwcleaner_6.020.exe
2016-09-15 09:44 - 2016-09-15 09:47 - 00000000 ____D C:\Program Files\trend micro
2016-09-15 09:44 - 2016-09-15 09:44 - 00000000 ____D C:\rsit
2016-09-15 09:42 - 2016-09-15 09:44 - 01222144 _____ C:\Users\Caco\Downloads\RSITx64.exe
2016-09-15 09:20 - 2016-09-15 09:21 - 22851472 _____ (Malwarebytes ) C:\Users\Caco\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-17 19:37 - 2016-01-04 03:52 - 00003804 _____ C:\WINDOWS\System32\Tasks\AutoKMS
File: C:\Users\Caco\AppData\Local\Y-ex.dat
Task: {F9E69D76-3F5F-4CDC-A77F-7439E8C05504} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-01-04] ()
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Users\Caco\Downloads\Stream\Twitch-Alerts\Twitch Alerts\Release\NativeMessagingInterface.exe ========================

File not signed
MD5: A4CCA5998EF43A40EA0C0D1C0D3FF6A7
Creation and modification date: 2016-03-04 20:17 - 2016-02-27 04:23
Size: 0207872
Attributes: ----A
Company Name:
Internal Name: NativeMessagingInterface.exe
Original Name: NativeMessagingInterface.exe
Product: NativeMessagingInterface
Description: NativeMessagingInterface
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © 2016

====== End of File: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-1361181530-3041110137-370684819-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28362303-d0b7-11e5-9be3-48d224a53a59}" => key removed successfully
HKCR\CLSID\{28362303-d0b7-11e5-9be3-48d224a53a59} => key not found.
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{506d75fc-aa17-11e5-9bd3-48d224a57b6d}" => key removed successfully
HKCR\CLSID\{506d75fc-aa17-11e5-9bd3-48d224a57b6d} => key not found.
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74348584-41c9-11e6-9c05-48d224a53a59}" => key removed successfully
HKCR\CLSID\{74348584-41c9-11e6-9c05-48d224a53a59} => key not found.
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bda30cf8-166e-11e6-9bf8-48d224a53a59}" => key removed successfully
HKCR\CLSID\{bda30cf8-166e-11e6-9bf8-48d224a53a59} => key not found.
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3dbec74-cb7e-11e5-9be2-48d224a53a59}" => key removed successfully
HKCR\CLSID\{c3dbec74-cb7e-11e5-9be2-48d224a53a59} => key not found.
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3dbed6e-cb7e-11e5-9be2-48d224a53a59}" => key removed successfully
HKCR\CLSID\{c3dbed6e-cb7e-11e5-9be2-48d224a53a59} => key not found.
"HKU\S-1-5-21-1361181530-3041110137-370684819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf3e40e9-18e3-11e6-9bfa-208984f6fee5}" => key removed successfully
HKCR\CLSID\{cf3e40e9-18e3-11e6-9bfa-208984f6fee5} => key not found.
C:\Users\Caco\AppData\Roaming\Mozilla\Firefox\Profiles\q4ngluuh.default\Extensions\{842ae454-3d80-4049-bd27-7cf40a44d677}.xpi => moved successfully

========================= File: C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22 ========================

File not signed
MD5: FC795B183E35AABF93691B6876D023FA
Creation and modification date: 2016-09-01 12:41 - 2016-01-04 02:09
Size: 0003632
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= Folder: C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22 ========================

C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22 => File

====== End of Folder: ======


========= type "C:\Program Files (x86)\mozilla firefox\9E22C67768FD6FA517BDDBFFE048EE9C9E22" =========

========= End of CMD: =========

Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
"C:\Users\Caco\Desktop\adwcleaner_6.020.exe" => not found.
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Caco\Downloads\RSITx64.exe => moved successfully
C:\Users\Caco\Downloads\mbam-setup-2.2.1.1043.exe => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully

========================= File: C:\Users\Caco\AppData\Local\Y-ex.dat ========================

File not signed
MD5: C0E1CEAD2467C4434DCB3575D909C8E6
Creation and modification date: 2016-01-04 02:10 - 2016-01-04 02:10
Size: 0041472
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F9E69D76-3F5F-4CDC-A77F-7439E8C05504}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9E69D76-3F5F-4CDC-A77F-7439E8C05504}" => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

========= dir "C:\PROGRA~1" =========

Volume in drive C has no label.
Volume Serial Number is E859-5D06

Directory of C:\PROGRA~1

18.09.2016 15:49 <DIR> .
18.09.2016 15:49 <DIR> ..
30.01.2016 16:14 <DIR> Adobe
03.09.2016 14:11 <DIR> AMD
09.12.2015 20:38 <DIR> CCleaner
30.01.2016 15:38 <DIR> Common Files
11.12.2015 04:58 <DIR> CONEXANT
09.12.2015 21:06 <DIR> Creative
05.02.2016 14:27 <DIR> DAEMON Tools Lite
09.12.2015 20:37 <DIR> Defraggler
09.12.2015 21:17 <DIR> DIFX
11.12.2015 04:57 <DIR> Dolby Digital Plus
11.12.2015 04:56 <DIR> Elantech
11.12.2015 04:57 <DIR> Intel
15.09.2016 21:18 <DIR> Internet Explorer
09.12.2015 21:16 <DIR> Lenovo
09.12.2015 20:34 <DIR> Microsoft Analysis Services
09.12.2015 20:35 <DIR> Microsoft Office
09.12.2015 20:36 <DIR> Microsoft SQL Server
11.12.2015 05:03 <DIR> Microsoft.NET
11.12.2015 13:42 <DIR> MSBuild
04.03.2016 19:45 <DIR> OBS
19.08.2016 17:32 <DIR> Paragon Software
11.12.2015 13:42 <DIR> Reference Assemblies
31.12.2015 13:27 <DIR> Speccy
09.12.2015 20:45 <DIR> VideoLAN
15.09.2016 21:18 <DIR> Windows Defender
15.09.2016 21:18 <DIR> Windows Mail
15.09.2016 21:18 <DIR> Windows Media Player
12.03.2016 02:05 <DIR> Windows Multimedia Platform
30.10.2015 09:24 <DIR> Windows NT
15.09.2016 21:18 <DIR> Windows Photo Viewer
12.03.2016 02:05 <DIR> Windows Portable Devices
09.12.2015 20:42 <DIR> WinRAR
0 File(s) 0 bytes
34 Dir(s) 32 013 426 688 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C has no label.
Volume Serial Number is E859-5D06

Directory of C:\PROGRA~2

18.09.2016 15:47 <DIR> .
18.09.2016 15:47 <DIR> ..
27.08.2016 08:02 <DIR> Activision
03.04.2016 10:44 <DIR> Adobe
30.01.2016 15:45 <DIR> Adobe Story
03.09.2016 13:36 <DIR> AMD
06.04.2016 14:39 <DIR> Audacity
30.01.2016 20:05 <DIR> Boris FX, Inc
16.09.2016 19:31 <DIR> Common Files
18.09.2016 10:27 <DIR> Crawler
09.12.2015 21:07 <DIR> Creative
13.05.2016 10:17 <DIR> DU Meter
05.02.2016 14:32 <DIR> EA GAMES
13.04.2016 22:53 <DIR> Freemake
09.12.2015 20:55 <DIR> Google
21.01.2016 01:16 <DIR> HD Tune
18.03.2016 15:48 <DIR> HWiNFO32
09.12.2015 20:42 <DIR> ImgBurn
15.09.2016 21:18 <DIR> Internet Explorer
09.12.2015 21:16 <DIR> Lenovo
11.02.2016 20:45 <DIR> LG Electronics
03.09.2016 20:52 <DIR> LogMeIn Hamachi
15.09.2016 09:25 <DIR> Malwarebytes Anti-Malware
09.12.2015 20:34 <DIR> Microsoft Analysis Services
09.12.2015 20:34 <DIR> Microsoft Office
09.12.2015 20:36 <DIR> Microsoft SQL Server
12.03.2016 05:05 <DIR> Microsoft Toolkit Final
11.12.2015 05:03 <DIR> Microsoft.NET
01.09.2016 12:41 <DIR> Mozilla Firefox
03.09.2016 13:30 <DIR> Mozilla Maintenance Service
11.12.2015 13:42 <DIR> MSBuild
29.04.2016 19:43 <DIR> Mumble
30.01.2016 15:42 <DIR> My Company Name
04.03.2016 19:45 <DIR> OBS
04.01.2016 02:15 <DIR> Opera
19.08.2016 17:22 <DIR> PowerQuest
21.05.2016 22:44 <DIR> Raptr Inc
11.12.2015 13:42 <DIR> Reference Assemblies
09.12.2015 21:38 <DIR> Renesas Electronics
03.09.2016 12:59 <DIR> Rise of the Tomb Raider
14.08.2016 21:11 <DIR> Skype
21.05.2016 22:43 <DIR> Sony Mobile
15.09.2016 09:17 <DIR> Steam
28.05.2016 21:19 <DIR> TeamViewer
03.09.2016 23:14 <DIR> Valve
03.09.2016 13:36 <DIR> VulkanRT
15.09.2016 21:18 <DIR> Windows Defender
15.09.2016 21:18 <DIR> Windows Mail
30.10.2015 11:02 <DIR> Windows Media Player
12.03.2016 02:05 <DIR> Windows Multimedia Platform
30.10.2015 09:24 <DIR> Windows NT
15.09.2016 21:18 <DIR> Windows Photo Viewer
12.03.2016 02:05 <DIR> Windows Portable Devices
0 File(s) 0 bytes
53 Dir(s) 32 013 021 184 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C has no label.
Volume Serial Number is E859-5D06

Directory of C:\PROGRA~3

03.04.2016 10:47 <DIR> Adobe
30.01.2016 16:09 <DIR> ALM
03.09.2016 14:20 <DIR> ATI
19.01.2016 13:18 <DIR> boost_interprocess
30.10.2015 09:24 <DIR> Comms
19.06.2016 02:09 <DIR> Conexant
27.04.2016 08:10 <DIR> ConMet
09.12.2015 22:43 <DIR> Creative
05.02.2016 14:26 <DIR> DAEMON Tools Lite
09.12.2015 21:16 <DIR> Downloaded Installations
06.05.2016 11:03 <DIR> Energy Management
19.08.2016 17:32 <DIR> explauncher
14.05.2016 11:30 <DIR> Freemake
27.04.2016 08:16 <DIR> Hagel Technologies
04.01.2016 03:11 <DIR> HitmanPro
19.08.2016 17:32 <DIR> launcher
03.09.2016 20:52 <DIR> LogMeIn
04.01.2016 02:30 <DIR> Malwarebytes
15.09.2016 20:10 <DIR> Microsoft Help
09.12.2015 20:29 <DIR> Microsoft OneDrive
04.01.2016 03:50 <DIR> Microsoft Toolkit
26.03.2016 20:08 <DIR> Oracle
30.01.2016 20:01 <DIR> PACE Anti-Piracy
03.09.2016 13:11 <DIR> Package Cache
29.08.2016 15:39 <DIR> regid.1986-12.com.adobe
11.12.2015 05:07 <DIR> regid.1991-06.com.microsoft
09.12.2015 23:03 <DIR> Riot Games
14.08.2016 21:11 <DIR> Skype
30.10.2015 09:24 <DIR> SoftwareDistribution
21.05.2016 22:42 <DIR> Sony Mobile
11.12.2015 05:03 <DIR> USOPrivate
10.07.2015 14:22 <DIR> USOShared
0 File(s) 0 bytes
32 Dir(s) 32 013 021 184 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C has no label.
Volume Serial Number is E859-5D06

Directory of C:\Users\Caco\AppData\Local

17.09.2016 23:14 <DIR> .
17.09.2016 23:14 <DIR> ..
11.12.2015 05:20 <DIR> ActiveSync
03.04.2016 10:46 <DIR> Adobe
03.09.2016 14:21 <DIR> AMD
09.12.2015 23:17 <DIR> Apps
04.03.2016 19:45 <DIR> assembly
10.12.2015 02:02 <DIR> ATI
09.12.2015 21:47 <DIR> CEF
09.12.2015 22:17 <DIR> Comms
19.06.2016 02:09 <DIR> Conexant
26.05.2016 10:27 <DIR> Diagnostics
05.02.2016 14:34 <DIR> Disc_Soft_Ltd
19.08.2016 17:32 <DIR> Downloaded Installations
10.03.2016 09:24 <DIR> ElevatedDiagnostics
04.01.2016 02:28 <DIR> Eqjbtion
09.12.2015 20:53 <DIR> FluxSoftware
16.01.2016 21:59 <DIR> Google
04.01.2016 02:23 <DIR> Installer
03.09.2016 20:52 <DIR> LogMeIn
18.09.2016 10:26 <DIR> LogMeIn Hamachi
09.12.2015 21:22 <DIR> Macromedia
04.03.2016 12:21 <DIR> Microsoft
09.12.2015 20:34 <DIR> Microsoft Help
09.12.2015 20:32 <DIR> MicrosoftEdge
09.12.2015 20:46 <DIR> Mozilla
10.12.2015 05:28 <DIR> NetworkTiles
28.02.2016 19:20 <DIR> NFS Underground 2
04.01.2016 02:15 <DIR> Opera Software
30.01.2016 20:01 <DIR> PACE Anti-Piracy
10.09.2016 19:04 <DIR> Packages
09.12.2015 21:16 <DIR> Programs
09.12.2015 20:27 <DIR> Publishers
04.01.2016 01:44 7 605 resmon.resmoncfg
03.09.2016 20:11 <DIR> SKIDROW
30.12.2015 18:45 <DIR> Spotify
09.12.2015 21:47 <DIR> Steam
06.04.2016 14:01 <DIR> TeamSpeak 3 Client
18.09.2016 15:49 <DIR> Temp
03.04.2016 18:51 <DIR> Thunderbird
09.12.2015 20:26 <DIR> TileDataLayer
20.08.2016 13:27 <DIR> VirtualStore
04.01.2016 02:10 41 472 Y-ex.dat
26.08.2016 06:59 0 {2104380E-E6FA-470A-B876-079E71605FC8}
30.04.2016 10:21 0 {41AB819D-9AEC-402E-A23F-CD525EC55B9E}
4 File(s) 49 077 bytes
41 Dir(s) 32 013 017 088 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C has no label.
Volume Serial Number is E859-5D06

Directory of C:\Users\Caco\AppData\Roaming

03.09.2016 13:00 <DIR> .
03.09.2016 13:00 <DIR> ..
10.07.2016 14:26 <DIR> 12ibt6
11.02.2016 20:42 <DIR> ADBDriverInstaller
16.05.2016 12:33 <DIR> Adobe
02.03.2016 01:46 <DIR> Adobe Mini Bridge CS5.1
29.08.2016 16:20 132 Adobe PNG Format CS5 Prefs
21.01.2016 11:24 <DIR> AMD
10.12.2015 02:02 <DIR> ATI
16.05.2016 09:03 <DIR> Audacity
09.12.2015 21:42 <DIR> Creative
03.09.2016 13:00 <DIR> Crystal Dynamics
02.09.2016 19:48 <DIR> DAEMON Tools Lite
23.04.2016 21:18 <DIR> dvdcss
31.01.2016 13:58 <DIR> Google.Apis.Auth
10.12.2015 10:49 <DIR> Gyazo
23.02.2016 13:36 <DIR> ImgBurn
09.12.2015 22:05 <DIR> library_dir
10.12.2015 13:36 <DIR> LolClient
01.04.2016 15:44 <DIR> LolScreenSaver
09.12.2015 21:22 <DIR> Macromedia
30.01.2016 20:03 <DIR> MisterHorse
09.12.2015 20:40 <DIR> Mozilla
25.05.2016 22:42 <DIR> Mumble
13.03.2016 14:11 <DIR> OBS
04.01.2016 02:15 <DIR> Opera Software
30.01.2016 20:01 <DIR> PACE Anti-Piracy
11.04.2016 10:56 <DIR> PlaysTV
09.12.2015 21:56 <DIR> Riot Games
04.09.2016 21:44 <DIR> Skype
31.12.2015 14:50 <DIR> Spotify
30.01.2016 20:02 <DIR> StageManager.BD092818F67280F4B42B04877600987F0111B594.1
13.03.2016 13:40 <DIR> Steam
09.12.2015 20:38 <DIR> Sun
21.05.2016 23:11 <DIR> TeamViewer
03.04.2016 18:50 <DIR> Thunderbird
17.09.2016 18:24 <DIR> TS3Client
18.09.2016 15:44 <DIR> uTorrent
18.09.2016 13:49 <DIR> vlc
10.12.2015 11:15 <DIR> WinRAR
06.04.2016 21:26 <DIR> YoutubeToMp3Converter
1 File(s) 132 bytes
40 Dir(s) 32 013 017 088 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15150199 B
Java, Flash, Steam htmlcache => 63902790 B
Windows/system/drivers => 12591806 B
Edge => 741 B
Chrome => 7980735 B
Firefox => 388070462 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7168 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 3176 B
Caco => 424476998 B

RecycleBin => 2777 B
EmptyTemp: => 869.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:50:34 ====

Re: Random preventive check of the laptop.

Posted: 18 Sep 2016 19:10
by altrok
  • Download Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program, click Edit -> Copy (Upravy -> Kopirovat) at the top (the log is now copied to your clipboard)
  • paste the log into your next reply (Ctrl + V)

Re: Random preventive check of the laptop.

Posted: 18 Sep 2016 19:22
by Ruben
----------------------------------------------------------------------------
CrystalDiskInfo 6.7.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 10586] (x64)
Date : 2016/09/18 20:20:31

-- Controller Map ----------------------------------------------------------
+ Standard SATA AHCI Controller [ATA]
- ST500LM000-1EJ162
- PLDS DVD-RW DS8A9SH
- Microsoft Storage Spaces Controller [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST500LM000-1EJ162 : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST500LM000-1EJ162
----------------------------------------------------------------------------
Model : ST500LM000-1EJ162
Firmware : LVD1
Serial Number : W370DNBM
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 14944 hours
Power On Count : 2242 count
Temperature : 38 C (100 F)
Health Status : Caution
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 101 _81 __6 00000286D4F4 Read Error Rate
03 _99 _98 __0 000000000000 Spin-Up Time
04 _98 _98 _20 000000000922 Start/Stop Count
05 100 100 _10 000000000000 Reallocated Sectors Count
07 _77 _60 _30 000B26F313E7 Seek Error Rate
09 _83 _83 __0 000000003A60 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _98 _98 _20 0000000008C2 Power Cycle Count
B8 100 100 _99 000000000000 End-to-End Error
BB __1 __1 __0 00000000536F Reported Uncorrectable Errors
BC 100 100 __0 000000000005 Command Timeout
BD _15 _15 __0 000000000055 High Fly Writes
BE _62 _36 _45 00B82B260026 Airflow Temperature
BF 100 100 __0 000000000000 G-Sense Error Rate
C0 100 100 __0 00000000014E Power-off Retract Count
C1 _90 _90 __0 000000004F3E Load/Unload Cycle Count
C2 _38 _64 __0 000D00000026 Temperature
C5 100 100 __0 000000000020 Current Pending Sector Count
C6 100 100 __0 000000000020 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
FE 100 100 __0 000000000000 Free Fall Protection

Re: Random preventive check of the laptop.

Posted: 19 Sep 2016 09:23
by altrok
The disk is not in good shape. Install and run HD Tune - http://www.hdtune.com/files/hdtune_255.exe
  • Go to the Health tab and check that the Status column shows OK everywhere and that Health status: OK is lit green at the bottom
  • On the Error Scan tab, click Start. When the test finishes, take a screenshot and attach it to your next reply.

Re: Random preventive check of the laptop.

Posted: 19 Sep 2016 19:55
by Ruben

http://imtp.me/btbz02rer.p

Re: Random preventive check of the laptop.

Posted: 20 Sep 2016 11:53
by altrok
In my opinion, the problems described are caused by the poor condition of the HDD.

  • Install MBAM 2.0 http://www.bleepingcomputer.com/downloa ... i-malware/
  • at the end of the installation, untick the option "Enable free trial of Malwarebytes Anti-Malware Premium"
  • update the virus database
  • on the Scan tab, select Threat Scan and run the scan (it takes about 30 minutes)
  • paste the log with the findings into your next reply - do not delete anything beforehand.

Re: Random preventive check of the laptop.

Posted: 20 Sep 2016 18:36
by Ruben
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 20.09.2016
Čas skenování: 19:23
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.20.06
Databáze rootkitů: v2016.08.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Caco

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 319843
Uplynulý čas: 12 min, 29 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.Smeazymo, C:\Users\Caco\AppData\Local\Y-ex.dat, , [acba185c2179290da3055d6f16ec8878],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)