při spuštění videa notebook zamrzne, nefunguje bod obnovi

Zpráva

robotus · #1 Příspěvek od **robotus** » 15 bře 2016 15:21

Dobrý den, při spuštění videa v prohlížeči nebo při návštěvě FB notebook zamrzne. Následně musím provést tvrdý restart, ale počítač nenaběhne. Až na několikátý pokus naskočí. To se opakuje od včerejška. 11. a 12. 3. 2016 proběhli automatické aktualicaze. Bohužel se z nějakého důvodu nejde vrátit pomocí bodu obnovi před tyto aktualizace. Níže vkládám log z RSIT. Děkuji za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří Jamník at 2016-03-15 14:57:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (14%) free of 238 GB
Total RAM: 3955 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:10:32, on 15.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Jiří Jamník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.zonealarm.com/?src=hp&tbi ... tsId=&ver=&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--
End of file - 12491 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 1570160
\??\C:\Windows\system32\conhost.exe "409187976-1513271900-1495449867-15744173114500305301150627076418943645-1414721430
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\SysWOW64\brsvc01a.exe
brss01a.exe
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2964
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
taskeng.exe {FBC9A9B9-50BE-45FF-A4E4-4BED486FF96B}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Users\Jiří Jamník\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default

prefs.js - "browser.startup.homepage" - "http://artodyssey1.blogspot.cz/search?q=joyce+ho"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"sp@avast.com"=C:\Program Files\Alwil Software\Avast5\SafePrice\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
npdevalvr.xpt
nsIBitCometAgent.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npdevalvr.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\searchplugins\
zonealarm.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2016-03-15 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-20 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-03-15 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-20 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-12 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00]
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4]
C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Jiří [2010-11-20 1972]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Jiří [2010-11-20 1972]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HSON]
C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HWSetup]
C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 423936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-12-25 34160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller]
C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook]
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRO Landscape Dashboard]
C:\Program Files (x86)\Drafix\PRO Landscape\PRO Landscape Dashboard.exe [2005-12-26 3596288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QT Lite\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-03-22 896032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-22 10134560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-01-28 7935904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teco]
C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-04-06 1489760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [2010-03-03 4581280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-19 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jiří Jamník^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MIF5BA~1\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2016-03-15 7137664]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-15 14:57:11 ----D---- C:\rsit
2016-03-15 14:57:11 ----D---- C:\Program Files\trend micro
2016-03-15 09:13:45 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-03-15 09:13:15 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-15 09:12:43 ----A---- C:\Windows\avastSS.scr
2016-03-15 08:48:47 ----A---- C:\Windows\ntbtlog.txt
2016-03-09 11:30:20 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 11:30:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 11:30:16 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 11:30:13 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 11:30:13 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 11:30:13 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 11:30:13 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 11:30:13 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wups.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 11:30:13 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 11:30:11 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 11:30:10 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 11:30:09 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 11:30:09 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 11:30:09 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 11:30:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 11:30:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 11:30:04 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 11:30:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 11:30:04 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 11:30:04 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 11:30:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 11:30:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 11:30:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 11:30:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 11:30:03 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 11:30:03 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 11:30:03 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 11:30:03 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 11:30:03 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 11:30:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 11:30:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 11:30:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 11:30:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 11:30:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 11:30:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 11:30:01 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 11:30:01 ----A---- C:\Windows\system32\occache.dll
2016-03-09 11:30:01 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 11:30:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 11:30:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 11:30:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 11:30:00 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 11:30:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 11:30:00 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 11:30:00 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 11:30:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 11:30:00 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 11:30:00 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 11:30:00 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 11:29:59 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 11:29:59 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 11:29:57 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 11:29:57 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 11:29:57 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 11:29:56 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 11:29:56 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 11:29:56 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 11:29:55 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 11:29:54 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 11:29:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 11:29:54 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 11:29:54 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 11:29:54 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 11:29:53 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 11:29:53 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 11:29:52 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 11:29:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 11:29:52 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 11:28:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 11:28:51 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 11:28:50 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 11:28:50 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 11:28:50 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 11:28:49 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 11:28:49 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 11:28:48 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 11:28:47 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 11:28:47 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 11:28:47 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 11:28:47 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 11:28:45 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 11:28:45 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 11:28:45 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 11:28:44 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 11:28:43 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 11:28:43 ----A---- C:\Windows\system32\smss.exe
2016-03-09 11:28:43 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 11:28:43 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 11:28:42 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 11:28:42 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 11:28:42 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 11:28:42 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 11:28:42 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 11:28:41 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 11:28:41 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 11:28:41 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 11:28:40 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 11:28:39 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 11:28:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 11:28:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 11:28:39 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 11:28:39 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 11:28:39 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 11:28:39 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 11:28:39 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 11:28:38 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 11:28:38 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 11:28:38 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 11:28:37 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 11:28:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 11:28:37 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 11:28:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 11:28:37 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 11:28:37 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 11:28:37 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 11:28:37 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 11:28:37 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 11:28:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 11:28:36 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 11:28:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:28:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:28:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:28:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:28:35 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 11:28:35 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 11:28:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 11:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 11:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 11:28:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 11:28:33 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 11:28:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 11:28:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 11:28:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:28:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:28:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 11:28:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 11:28:31 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 11:28:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 11:28:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 11:28:31 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 11:28:31 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 11:28:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 11:28:30 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 11:27:03 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 11:27:02 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 11:27:00 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 11:26:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 11:26:56 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 11:26:55 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 11:26:55 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 11:26:55 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 11:26:55 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 11:26:55 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 11:26:55 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 11:26:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 11:26:52 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 11:26:51 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 11:26:50 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 11:26:49 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 11:26:49 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 11:26:45 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 11:26:45 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 11:26:45 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 11:26:30 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 11:26:30 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 11:26:30 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 11:26:29 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 11:26:29 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 11:26:29 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 11:26:29 ----A---- C:\Windows\system32\acmigration.dll
2016-02-21 22:41:16 ----D---- C:\Program Files (x86)\OpenXML-ODF Translator

======List of files/folders modified in the last 1 month======

2016-03-15 15:04:21 ----D---- C:\Windows\Prefetch
2016-03-15 14:57:12 ----D---- C:\Windows\Temp
2016-03-15 14:57:11 ----D---- C:\Program Files
2016-03-15 14:27:29 ----A---- C:\Windows\SYSWOW64\log.txt
2016-03-15 13:37:34 ----D---- C:\Windows\system32\config
2016-03-15 13:04:25 ----SHD---- C:\System Volume Information
2016-03-15 13:03:10 ----D---- C:\Windows\SYSWOW64\vbox
2016-03-15 13:03:10 ----D---- C:\Windows\system32\vbox
2016-03-15 12:47:27 ----D---- C:\Windows\system32\wbem
2016-03-15 12:47:27 ----D---- C:\Windows
2016-03-15 12:45:23 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-15 12:45:23 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-15 12:45:14 ----D---- C:\Program Files\Windows Media Player
2016-03-15 12:45:14 ----D---- C:\Program Files\Internet Explorer
2016-03-15 12:45:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-03-15 12:45:09 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\MB-Ruler
2016-03-15 12:45:07 ----D---- C:\Windows\AppPatch
2016-03-15 12:45:07 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\Winamp
2016-03-15 12:45:07 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\uTorrent
2016-03-15 12:45:00 ----SHD---- C:\Windows\Installer
2016-03-15 12:45:00 ----D---- C:\Windows\inf
2016-03-15 12:44:54 ----D---- C:\Windows\rescache
2016-03-15 12:44:44 ----SD---- C:\Windows\system32\CompatTel
2016-03-15 12:44:44 ----D---- C:\Windows\system32\DriverStore
2016-03-15 12:44:44 ----D---- C:\Windows\system32\drivers
2016-03-15 12:44:44 ----D---- C:\Windows\system32\cs-CZ
2016-03-15 12:44:44 ----D---- C:\Windows\system32\CodeIntegrity
2016-03-15 12:44:44 ----D---- C:\Windows\system32\catroot2
2016-03-15 12:44:44 ----D---- C:\Windows\system32\appraiser
2016-03-15 12:44:44 ----D---- C:\Windows\System32
2016-03-15 12:44:42 ----SD---- C:\Windows\system32\GWX
2016-03-15 12:44:42 ----D---- C:\Windows\system32\en-US
2016-03-15 12:44:37 ----D---- C:\Windows\SysWOW64
2016-03-15 12:44:37 ----D---- C:\Windows\system32\Tasks
2016-03-15 12:44:36 ----D---- C:\Windows\winsxs
2016-03-15 12:44:36 ----D---- C:\Windows\Tasks
2016-03-15 12:44:36 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-15 12:44:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-15 12:43:36 ----D---- C:\Windows\registration
2016-03-15 09:47:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-15 09:25:25 ----D---- C:\Program Files\CCleaner
2016-03-15 09:13:02 ----D---- C:\ProgramData\AVAST Software
2016-03-15 09:12:22 ----D---- C:\Program Files\avast software
2016-03-13 16:25:28 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\Nitro PDF
2016-03-12 20:13:06 ----D---- C:\Windows\Microsoft.NET
2016-03-12 20:12:16 ----RSD---- C:\Windows\assembly
2016-03-12 19:52:19 ----SHD---- C:\Config.Msi
2016-03-11 06:59:19 ----D---- C:\Windows\system32\MRT
2016-03-11 06:51:45 ----A---- C:\Windows\system32\MRT.exe
2016-03-11 06:48:09 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-28 08:31:18 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-21 22:41:16 ----RD---- C:\Program Files (x86)
2016-02-19 21:08:49 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-02-19 21:08:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-15 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-15 287016]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-03 458584]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-03-15 154024]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-15 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-15 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-15 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-15 463744]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-20 283064]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-03 613720]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2016-03-15 462304]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-15 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-15 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-15 165344]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-29 11576]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [2016-03-15 310904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-05-23 2750464]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-22 2298400]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 BrSerIb;Brother Serial Interface Driver(WDM); C:\Windows\system32\DRIVERS\BrSerIb.sys [2012-11-15 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM); C:\Windows\system32\DRIVERS\BrUsbSIb.sys [2012-11-15 21872]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 132608]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-03-20 37344]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-04-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-04-09 116864]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 116096]
S3 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys [2011-02-11 35344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-07 232992]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-08-13 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2016-03-15 237096]
R2 Brother XP spl Service;BrSplService; C:\Windows\syswow64\brsvc01a.exe [2002-04-12 57344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-14 341296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-01-14 242048]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [2016-03-15 5570120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11 269504]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2012-03-21 72704]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-03-26 1431888]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-31 1255736]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 15 bře 2016 18:36

Zkuste ty aktualizace odinstalovat.

robotus · #3 Příspěvek od **robotus** » 15 bře 2016 19:50

Ještě jsem to neodinstaloval. Možná je problém ještě někde jinde. Když to zamrzne, vypnu to na tvrdo a pak to nemůžu nahodit (nenabíhá, černá obrazovka). Naposledy asi na šestý pokus. Nereaguje ani F8 pro nouzový režim. Může to být hardware?

#4 Příspěvek od **Rudy** » 15 bře 2016 19:52

Může, ale v tomto případě bych to spíš přisoudil systému po nepodařených aktualizacích.

robotus · #5 Příspěvek od **robotus** » 16 bře 2016 00:25

Aktualizace jsem odinstaloval, ale žádná změna. Občas po restartu mi windows hlásí, že žádný firewall není zapnutý i když zonealarm běží. Comp naskočí až třeba na šestý pokus. Spustil jsem i Memtest asi na 40 min a žádná chyba. Udělal jsem též scan ADWcleaner, ale když spustím clean, tak se sice rozeběhne, ale cca po 1 min se dalších 10 min nic neděje. Zkusím to ještě pustit přes noc.

Díky za každou dobrou radu.

robotus · #6 Příspěvek od **robotus** » 16 bře 2016 07:27

přidávám log po cleanu adwcleaneru.

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 00:34:14
# Updated 13/03/2016 by Xplode
# Database : 2016-03-14.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jiří Jamník - TOSHIBA
# Running from : C:\Users\Jiří Jamník\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[#] Folder Deleted : C:\Users\Jiří Jamník\Documents\BitLord

***** [ Files ] *****

[-] File Deleted : C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\searchplugins\zonealarm.xml

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKCU\Software\Check Point Software Technologies LTD
[-] Key Deleted : HKLM\SOFTWARE\Check Point Software Technologies LTD
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\ICQ\ICQToolbar
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Data Restored : HKU\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Web browsers ] *****

[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=goughDev3&Lan={dfltLng}&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&&q=");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js] [Preference] Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=goughDev3&Lan={dfltLng}&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&&q=");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js] [Preference] Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js] [Preference] Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [882 bytes] - [15/03/2016 23:06:49]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [416 bytes] - [15/03/2016 23:34:46]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C3].txt - [416 bytes] - [15/03/2016 23:45:42]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C4].txt - [6102 bytes] - [16/03/2016 00:34:14]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [6743 bytes] - [15/03/2016 23:02:11]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [6498 bytes] - [15/03/2016 23:31:31]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S3].txt - [6683 bytes] - [15/03/2016 23:44:11]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S4].txt - [6868 bytes] - [16/03/2016 00:31:39]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C4].txt - [6567 bytes] ##########

robotus · #7 Příspěvek od **robotus** » 16 bře 2016 13:39

Přikládám log JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64
Ran by Jiýˇ Jamnˇk (Administrator) on st 16.03.2016 at 12:07:47.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 26

Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js (File)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Roaming\opencandy (Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RW11YR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68S2UEEW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QQ1RSV9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98VTLVK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHZLOP65 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUXQKFN6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHUFD1KZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Jiýˇ Jamnˇk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYQX0Y4G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RW11YR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\68S2UEEW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QQ1RSV9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\98VTLVK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EHZLOP65 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EUXQKFN6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NHUFD1KZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TYQX0Y4G (Temporary Internet Files Folder)

Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{583FE9F2-6678-46BA-84F8-266728073E03} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C228DE78-AD7F-4993-8E37-89886B666D06} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 16.03.2016 at 12:13:12.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

robotus · #8 Příspěvek od **robotus** » 16 bře 2016 13:41

A log RogueKiller

RogueKiller V12.0.2.0 (x64) [Mar 14 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Ji?í Jamník [Práva správce]
Started from : C:\Users\Ji?í Jamník\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 03/16/2016 13:21:32

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software

\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2419117446-1860271502-1876842869-1001\Software

\Microsoft\Internet Explorer\Main | Default_Page_URL : http://toshiba.msn.com -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 3 ¤¤¤
[Keylogger][Složka] C:\Users\Ji?í Jamník\AppData\Roaming\FK_Monitor -> Nalezeno
[PUP][Složka] C:\ProgramData\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA} -> Nalezeno
[PUP][Složka] C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] gexw2bdx.default : user_pref("browser.startup.homepage",

"http://artodyssey1.blogspot.cz/search?q=joyce+ho"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD7500BPVX-22JC3T0 +++++
--- User ---
[MBR] dd045539c42ca135bc72021893d2edf2
[BSP] 7092d10aeec3b2fad8f8b17b6e04cd8a : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 800 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1638630 | Size: 238472 MB [Windows Vista/7/8

Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 490030695 | Size: 476129 MB [Windows

Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

robotus · #9 Příspěvek od **robotus** » 16 bře 2016 13:55

RogueKiller našel 6 threds. Co s nimi? Mám je odstranit? Nebo jen ty tři, které označil?

#10 Příspěvek od **Rudy** » 16 bře 2016 18:20

Jen ty označené. Nastala nějaká změna?

robotus · #11 Příspěvek od **robotus** » 16 bře 2016 19:03

odstraněno. Po restartu comp nenaběhnul. Jdu to nahodit. Nějaká rada? Dík

#12 Příspěvek od **Rudy** » 16 bře 2016 19:14

Nevím, co jste s tím dělal, JRT, ani RK jsem po vás nechtěl. Děláte zbytečné věci a asi si i škodíte. Je tam nějaká hláška?

robotus · #13 Příspěvek od **robotus** » 16 bře 2016 19:36

Tady je ten log po cleanu adwcleaneru.

# AdwCleaner v5.102 - Logfile created 16/03/2016 at 00:34:14
# Updated 13/03/2016 by Xplode
# Database : 2016-03-14.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jiří Jamník - TOSHIBA
# Running from : C:\Users\Jiří Jamník\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[#] Folder Deleted : C:\Users\Jiří Jamník\Documents\BitLord

***** [ Files ] *****

[-] File Deleted : C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\searchplugins\zonealarm.xml

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKCU\Software\Check Point Software Technologies LTD
[-] Key Deleted : HKLM\SOFTWARE\Check Point Software Technologies LTD
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm Security Toolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\ICQ\ICQToolbar
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Data Restored : HKU\S-1-5-21-2419117446-1860271502-1876842869-1001\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Web browsers ] *****

[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=goughDev3&Lan={dfltLng}&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&&q=");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js] [Preference] Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=goughDev3&Lan={dfltLng}&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&&q=");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js] [Preference] Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");
[-] [C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\user.js] [Preference] Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=goughDev3&Lan=en&gu=8a2dda1a44624f52aca80851783a9788&tu=10G9z00JL2B0Ca0&sku=&tstsId=&ver=&");

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [882 bytes] - [15/03/2016 23:06:49]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C2].txt - [416 bytes] - [15/03/2016 23:34:46]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C3].txt - [416 bytes] - [15/03/2016 23:45:42]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C4].txt - [6102 bytes] - [16/03/2016 00:34:14]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [6743 bytes] - [15/03/2016 23:02:11]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [6498 bytes] - [15/03/2016 23:31:31]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S3].txt - [6683 bytes] - [15/03/2016 23:44:11]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S4].txt - [6868 bytes] - [16/03/2016 00:31:39]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C4].txt - [6567 bytes] ##########

#14 Příspěvek od **Rudy** » 16 bře 2016 20:26

Teď je to OK. Dejte nový log RSIT.

robotus · #15 Příspěvek od **robotus** » 16 bře 2016 20:30

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří Jamník at 2016-03-16 20:29:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 36 GB (15%) free of 238 GB
Total RAM: 3955 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:58, on 16.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\trend micro\Jiří Jamník.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

--
End of file - 12585 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 31984384
\??\C:\Windows\system32\conhost.exe "-1867890152-350442471886537547-2008366811-162733827132053403116728796211616999094
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\SysWOW64\brsvc01a.exe
C:\Windows\System32\spoolsv.exe
brss01a.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe"
WLIDSvcM.exe 3548
taskeng.exe {99681D6F-49FC-4C59-A3BD-CD4CE887D304}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
/fmw.trayonly
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:3488
"C:\Users\Jiří Jamník\Desktop\RogueKillerX64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "http://www.adlice.com/pum-removal/"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service

"C:\Users\Jiří Jamník\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default

prefs.js - "browser.startup.homepage" - "http://artodyssey1.blogspot.cz/search?q=joyce+ho"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"sp@avast.com"=C:\Program Files\Alwil Software\Avast5\SafePrice\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
npdevalvr.xpt
nsIBitCometAgent.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npdevalvr.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2016-03-15 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-20 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-03-15 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-20 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-12 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00]
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4]
C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Jiří [2010-11-20 1972]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Jiří [2010-11-20 1972]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HSON]
C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HWSetup]
C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 423936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-12-25 34160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-11-11 288088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF5 Registry Controller]
C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFHook]
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRO Landscape Dashboard]
C:\Program Files (x86)\Drafix\PRO Landscape\PRO Landscape Dashboard.exe [2005-12-26 3596288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QT Lite\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-03-22 896032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-22 10134560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-01-28 7935904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teco]
C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-04-06 1489760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [2010-03-03 4581280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-19 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Jiří Jamník^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MIF5BA~1\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2013-08-12 73832]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2016-03-15 7137664]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-16 12:18:04 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2016-03-16 12:17:23 ----D---- C:\ProgramData\RogueKiller
2016-03-16 12:05:23 ----A---- C:\Windows\system32\TURegOpt.exe
2016-03-16 12:05:20 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2016-03-16 12:05:20 ----A---- C:\Windows\system32\authuitu.dll
2016-03-16 12:01:17 ----D---- C:\Program Files (x86)\AVG
2016-03-16 12:01:16 ----D---- C:\ProgramData\Avg
2016-03-16 12:00:28 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2016-03-16 09:26:30 ----A---- C:\160315 MB.txt
2016-03-16 07:55:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-03-16 07:54:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-03-16 07:54:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-03-16 07:54:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-03-16 07:54:26 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-15 23:01:57 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-15 14:57:11 ----D---- C:\rsit
2016-03-15 14:57:11 ----D---- C:\Program Files\trend micro
2016-03-15 09:13:45 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-03-15 09:13:15 ----A---- C:\Windows\system32\aswBoot.exe
2016-03-15 09:12:43 ----A---- C:\Windows\avastSS.scr
2016-02-21 22:41:16 ----D---- C:\Program Files (x86)\OpenXML-ODF Translator

======List of files/folders modified in the last 1 month======

2016-03-16 20:29:58 ----D---- C:\Windows\Temp
2016-03-16 19:20:49 ----D---- C:\Windows\system32\drivers
2016-03-16 19:20:43 ----D---- C:\Windows\SYSWOW64\vbox
2016-03-16 19:20:43 ----D---- C:\Windows\system32\vbox
2016-03-16 19:07:39 ----A---- C:\Windows\SYSWOW64\log.txt
2016-03-16 18:58:54 ----HD---- C:\ProgramData
2016-03-16 18:47:33 ----D---- C:\Windows\System32
2016-03-16 18:47:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-16 18:47:32 ----D---- C:\Windows\inf
2016-03-16 12:28:17 ----D---- C:\Windows\system32\config
2016-03-16 12:28:03 ----D---- C:\Windows\winsxs
2016-03-16 12:10:32 ----D---- C:\Windows\system32\Tasks
2016-03-16 12:09:18 ----SHD---- C:\System Volume Information
2016-03-16 12:05:29 ----SHD---- C:\Windows\Installer
2016-03-16 12:05:27 ----SHD---- C:\Config.Msi
2016-03-16 12:05:24 ----D---- C:\ProgramData\TuneUp Software
2016-03-16 12:05:20 ----D---- C:\Windows\SysWOW64
2016-03-16 12:01:17 ----RD---- C:\Program Files (x86)
2016-03-16 07:47:41 ----SD---- C:\Windows\system32\CompatTel
2016-03-16 07:47:38 ----D---- C:\Windows\system32\appraiser
2016-03-16 07:47:38 ----D---- C:\Windows\AppPatch
2016-03-16 07:28:31 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\Nitro PDF
2016-03-16 06:48:32 ----D---- C:\Windows\rescache
2016-03-16 00:05:34 ----D---- C:\Windows\Microsoft.NET
2016-03-16 00:05:21 ----RSD---- C:\Windows\assembly
2016-03-16 00:01:54 ----D---- C:\Windows\system32\catroot2
2016-03-15 23:43:46 ----D---- C:\Windows\system32\NDF
2016-03-15 22:59:09 ----D---- C:\Windows\Prefetch
2016-03-15 22:38:43 ----RSD---- C:\Windows\Fonts
2016-03-15 22:38:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-15 22:38:43 ----D---- C:\Windows\system32\cs-CZ
2016-03-15 22:05:51 ----D---- C:\Program Files (x86)\Google
2016-03-15 22:05:43 ----D---- C:\Windows\Tasks
2016-03-15 21:56:00 ----D---- C:\Program Files\Internet Explorer
2016-03-15 21:55:56 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-15 21:55:51 ----D---- C:\Windows\system32\en-US
2016-03-15 21:55:47 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-15 21:55:44 ----D---- C:\Program Files\Windows Media Player
2016-03-15 21:55:44 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-15 21:55:14 ----D---- C:\Windows\system32\DriverStore
2016-03-15 19:36:04 ----D---- C:\Windows
2016-03-15 17:47:48 ----D---- C:\Windows\debug
2016-03-15 15:42:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-03-15 14:57:11 ----D---- C:\Program Files
2016-03-15 12:47:27 ----D---- C:\Windows\system32\wbem
2016-03-15 12:45:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-03-15 12:45:09 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\MB-Ruler
2016-03-15 12:45:07 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\Winamp
2016-03-15 12:45:07 ----D---- C:\Users\Jiří Jamník\AppData\Roaming\uTorrent
2016-03-15 12:44:44 ----D---- C:\Windows\system32\CodeIntegrity
2016-03-15 12:44:42 ----SD---- C:\Windows\system32\GWX
2016-03-15 12:44:37 ----D---- C:\Windows\system32\Macromed
2016-03-15 12:43:36 ----D---- C:\Windows\registration
2016-03-15 09:25:25 ----D---- C:\Program Files\CCleaner
2016-03-15 09:13:02 ----D---- C:\ProgramData\AVAST Software
2016-03-15 09:12:22 ----D---- C:\Program Files\avast software
2016-03-11 06:59:19 ----D---- C:\Windows\system32\MRT
2016-03-11 06:51:45 ----A---- C:\Windows\system32\MRT.exe
2016-02-28 08:31:18 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-19 21:08:49 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-02-19 21:08:49 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-03-15 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-03-15 287016]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-03 458584]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2016-03-15 154024]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-03-15 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-03-15 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-03-15 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-03-15 463744]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-08-20 283064]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-03 613720]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2016-03-15 462304]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-03-15 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-03-15 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-03-15 165344]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-08-29 11576]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [2016-03-15 310904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-05-23 2750464]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-22 2298400]
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-30 44912]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2016-02-15 32304]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 BrSerIb;Brother Serial Interface Driver(WDM); C:\Windows\system32\DRIVERS\BrSerIb.sys [2012-11-15 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM); C:\Windows\system32\DRIVERS\BrUsbSIb.sys [2012-11-15 21872]
S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 132608]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\SysWOW64\FsUsbExDisk.SYS [2013-03-20 37344]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-04-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-04-09 116864]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 116096]
S3 LUMDriver;LUMDriver; \??\C:\Windows\system32\drivers\LUMDriver.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 NPF;WinPcap Packet Driver (NPF); C:\Windows\system32\drivers\NPF.sys [2011-02-11 35344]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-01-07 232992]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2015-12-08 214832]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2016-03-16 28272]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-08-13 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2016-03-15 237096]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-02-18 1045928]
R2 Brother XP spl Service;BrSplService; C:\Windows\syswow64\brsvc01a.exe [2002-04-12 57344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [2011-01-14 341296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-01-14 242048]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2016-02-15 4364200]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2013-08-12 2445304]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [2016-03-15 5570120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2012-03-21 72704]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-03-26 1431888]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-31 1255736]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]

-----------------EOF-----------------

VIRY.CZ

při spuštění videa notebook zamrzne, nefunguje bod obnovi

při spuštění videa notebook zamrzne, nefunguje bod obnovi

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov

Re: při spuštění videa notebook zamrzne, nefunguje bod obnov