Preventivka a Malwarebytes log

[khonsun]

Dobry den. Nevim jestli mohu/mam odstranit nelezene. Kontr. jsem provedl pote, co jsem kyvnul na spolupraci s Gemius s.r.o. a nainstaloval prg. NetSoftware /vyzkum/. Netusim souvisi/nesouvisi, mazat/nemazat........ Log z Roksitu se sem jiz nevejde, dodam nasledne. Dekuji za rady.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19.6.2016
Čas skenování: 14:22
Protokol: Malwarbytes.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.06.19.02
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: khonsun

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 531783
Uplynulý čas: 1 hod, 38 min, 43 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 15
PUP.Optional.Gemius, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CE7C3CF0-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CE7C3CF0-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\Gemius.IEHlprObj.1, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\Gemius.IEHlprObj, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Gemius.IEHlprObj, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Gemius.IEHlprObj, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{CE7C3CF0-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Gemius.IEHlprObj.1, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Gemius.IEHlprObj.1, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\TYPELIB\{CE7C3CE2-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\INTERFACE\{CE7C3CEF-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CE7C3CEF-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{CE7C3CEF-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{CE7C3CE2-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.Gemius, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{CE7C3CE2-4B15-11D1-ABED-709549C10000}, , [4c823cc25d3ccb6b937c44442bd70000],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
PUP.Optional.Gemius, C:\Program Files\NetSoftware\IEHelper.dll, , [4c823cc25d3ccb6b937c44442bd70000],
PUP.Optional.PassView, C:\Apli\WebBrowserPassView\WebBrowserPassView.exe, , [a32bae50b5e46fc722d6af9f2dd4aa56],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

---

[Rudy]

Zdravím!
Všechny položky smažte.

[khonsun]

Diky; smazano. Jeste prosim
Logfile of random's system information tool 1.10 (written by random/random)
Run by khonsun at 2016-06-21 08:37:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 136 GB (63%) free of 215 GB
Total RAM: 8126 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:37:20, on 21.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\SmartClock\SmartClock.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\khonsun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKCU\..\Run: [SmartClock] C:\Program Files (x86)\SmartClock\SmartClock.exe /boot
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: clipboard.lnk = C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0566E98-D10F-49A4-922B-3B29AB98FF7C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\guard32.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15213 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\system32\WLANExt.exe 25181248
\??\C:\Windows\system32\conhost.exe "-253757369-877658736298116375-950630421399289209-7088572261554501984-616089647
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {FE1212C2-59AE-4CB6-92F5-1DA4A3D6A00B}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\AOMEI Backupper\ABService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CISVC.EXE
C:\Windows\System32\svchost.exe -k utcsvc
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
system32\RAPID\SamsungRapidSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "-7954398331997699178-295732140-1728800887-1294131484967137384-1742760990227028520
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
WLIDSvcM.exe 3560
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Windows\vsnp2std.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"
"C:\Program Files (x86)\SmartClock\SmartClock.exe" /boot
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\NetSoftware\NetSoftware.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {8BF8E609-1CDB-47DA-8A53-249A1D3AE720}
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -PID:123
"D:\SwStazen\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeGoogleUpdate.exeC:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [2014-09-16 281776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartClock"=C:\Program Files (x86)\SmartClock\SmartClock.exe [2003-04-26 880128]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-10-21 563416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-16 94264]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-10 7405752]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2016-06-01 228536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
clipboard.lnk - C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-20 16:09:31 ----D---- C:\Program Files (x86)\3StepPDF
2016-06-19 12:46:52 ----D---- C:\Program Files (x86)\Aidfile recovery
2016-06-18 23:25:31 ----DC---- C:\Windows\system32\DRVSTORE
2016-06-18 23:25:31 ----D---- C:\Windows\system32\RAPID
2016-06-18 23:25:31 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2016-06-18 14:05:17 ----D---- C:\ProgramData\AnyMP4 Studio
2016-06-18 14:05:17 ----D---- C:\Program Files (x86)\AnyMP4 Studio
2016-06-17 13:10:34 ----D---- C:\ProgramData\NetSoftware
2016-06-17 13:09:38 ----D---- C:\Program Files\NetSoftware
2016-06-16 13:26:05 ----D---- C:\ProgramData\Apple
2016-06-16 13:26:05 ----D---- C:\Program Files\Bonjour
2016-06-16 13:26:05 ----D---- C:\Program Files (x86)\Bonjour
2016-06-16 13:25:59 ----D---- C:\Users\khonsun\AppData\Roaming\Apowersoft
2016-06-16 13:25:59 ----D---- C:\Program Files (x86)\Apowersoft
2016-06-08 20:26:39 ----D---- C:\Program Files (x86)\Skype
2016-06-07 08:36:38 ----D---- C:\Program Files\IM-Magic
2016-06-05 10:39:39 ----D---- C:\ProgramData\YTD Video Downloader
2016-06-05 10:39:31 ----D---- C:\Program Files (x86)\GreenTree Applications
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wow64win.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wow64.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\winsrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wdigest.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\sspicli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\srcore.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\smss.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\schannel.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ntdll.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\kernel32.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\kerberos.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\conhost.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\certcli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\advapi32.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\srclient.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\secur32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\rstrui.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\msobjs.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\msaudite.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\lsass.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-31 16:47:58 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\credssp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\auditpol.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidapi.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\adtschema.dll
2016-05-31 16:47:56 ----A---- C:\Windows\system32\win32k.sys
2016-05-31 16:47:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-05-31 16:47:55 ----A---- C:\Windows\system32\tzres.dll
2016-05-31 16:47:54 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-31 16:47:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-31 16:47:54 ----A---- C:\Windows\system32\cdd.dll
2016-05-31 16:46:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-31 16:46:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-31 16:29:50 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-31 16:29:50 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-31 16:29:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-31 16:29:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-31 16:29:49 ----A---- C:\Windows\system32\gdi32.dll
2016-05-24 15:05:23 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2016-06-21 08:37:19 ----D---- C:\Windows\Temp
2016-06-21 08:37:19 ----D---- C:\Program Files\trend micro
2016-06-21 08:36:17 ----A---- C:\Windows\SYSWOW64\log.txt
2016-06-21 08:34:21 ----D---- C:\Windows\system32\config
2016-06-21 08:34:18 ----D---- C:\ProgramData\PDFC
2016-06-21 08:34:16 ----D---- C:\ProgramData\HPQLOG
2016-06-21 08:34:02 ----D---- C:\Windows
2016-06-21 08:34:01 ----D---- C:\Windows\system32\drivers
2016-06-21 08:32:39 ----D---- C:\Windows\ModemLogs
2016-06-21 06:50:19 ----SHD---- C:\System Volume Information
2016-06-21 06:27:15 ----D---- C:\Windows\System32
2016-06-21 06:27:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-21 06:27:14 ----D---- C:\Windows\inf
2016-06-21 06:22:31 ----D---- C:\Program Files (x86)\SpeedFan
2016-06-20 16:09:31 ----RD---- C:\Program Files (x86)
2016-06-20 08:06:39 ----HD---- C:\ProgramData
2016-06-18 23:25:33 ----SHD---- C:\Windows\Installer
2016-06-18 23:25:11 ----D---- C:\Program Files (x86)\Samsung
2016-06-17 18:22:57 ----D---- C:\Users\khonsun\AppData\Roaming\Skype
2016-06-17 13:09:38 ----D---- C:\Program Files
2016-06-16 21:49:26 ----D---- C:\Windows\SysWOW64
2016-06-16 21:49:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-10 08:41:51 ----D---- C:\ProgramData\CanonIJPLM
2016-06-08 20:26:41 ----D---- C:\ProgramData\Skype
2016-06-08 08:50:58 ----D---- C:\Windows\system32\catroot2
2016-06-07 19:02:59 ----D---- C:\Users\khonsun\AppData\Roaming\MPC-HC
2016-06-07 09:05:06 ----D---- C:\Apli
2016-06-01 09:57:19 ----D---- C:\Windows\rescache
2016-06-01 07:36:48 ----D---- C:\Windows\Microsoft.NET
2016-06-01 07:35:59 ----RSD---- C:\Windows\assembly
2016-05-31 23:08:24 ----D---- C:\Windows\winsxs
2016-05-31 23:08:23 ----D---- C:\Windows\ehome
2016-05-31 17:04:47 ----D---- C:\Windows\debug
2016-05-31 16:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-31 16:59:21 ----D---- C:\Windows\system32\cs-CZ
2016-05-31 16:59:21 ----D---- C:\Program Files\Windows Journal
2016-05-31 16:59:20 ----D---- C:\Windows\system32\en-US
2016-05-31 16:59:20 ----D---- C:\Windows\system32\Boot
2016-05-31 16:59:20 ----D---- C:\Windows\AppPatch
2016-05-31 16:56:55 ----D---- C:\Windows\system32\MRT
2016-05-31 16:48:22 ----A---- C:\Windows\system32\MRT.exe
2016-05-31 10:21:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2015-02-26 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-09 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-09 287528]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\Windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-09 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-09 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-09 465792]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-06-30 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-06-30 41712]
R1 cnnctfy3;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2015-06-24 42152]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-06-30 92688]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2015-02-26 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2015-02-26 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-09 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-09 166432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-03-29 22592]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-29 3065408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-03 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2011-02-09 26712]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 72648]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\Windows\syswow64\MDA_NTDRV.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-05-01 588952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2012-07-26 158720]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 12342656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2015-03-30 172344]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-04 28672]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-09 243296]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2015-07-16 29912]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 2528096]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2015-04-09 217088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-04 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-04 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 hpCMSrv;HP Connection Manager 4.0 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-16 1071160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[khonsun]

# AdwCleaner v5.200 - Log vytvořen 21/06/2016 v 13:37:17
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-20.3 [Server]
# OperaÄŤnĂ­ system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : khonsun - KHONSUN-HP
# Spuštěno z : D:\SwStazen\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ SluĹľby ] *****


***** [ SloĹľky ] *****

[-] Složka Smazáno : C:\ProgramData\FreeRIP
[-] Složka Smazáno : C:\ProgramData\ytd video downloader
[#] Složka Smazáno : C:\ProgramData\Application Data\FreeRIP
[#] Složka Smazáno : C:\ProgramData\Application Data\ytd video downloader
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Složka Smazáno : C:\Program Files (x86)\FreeRIP
[-] Složka Smazáno : C:\Program Files (x86)\GreenTree Applications
[-] Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater
[-] Složka Smazáno : C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall
[-] Složka Smazáno : C:\Users\khonsun\AppData\Local\VirtualStore\Program Files (x86)\FreeRIP

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Public\Desktop\YTD Video Downloader.lnk
[-] Soubor Smazáno : C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
[-] Soubor Smazáno : C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] Soubor Smazáno : C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaejaghnbcjilindpkgmcmdflpgjf
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaejaghnbcjilindpkgmcmdflpgjf
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ToolbarVstar.ToolbarVs
[-] Klíč Smazáno : HKCU\Software\GreenTree Applications\YTD
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ ProhlĂ­ĹľeÄŤe ] *****

[-] [C:\Users\khonsun\AppData\Roaming\Mozilla\Firefox\Profiles\2y1n5jwj.default\prefs.js] Smazáno : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&type=937811&ilc=12");
[-] [C:\Users\khonsun\AppData\Roaming\Mozilla\Firefox\Profiles\2y1n5jwj.default\prefs.js] Smazáno : user_pref("extensions.snipit.searchAssistEnabled", true);
[-] [C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : ytd-video-downloader-free.en.softonic.com
[-] [C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : double-driver.en.softonic.com
[-] [C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : efatra.cz
[-] [C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : aaaaaejaghnbcjilindpkgmcmdflpgjf
[-] [C:\Users\khonsun\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : chphlpgkkbolifaimnlloiipkdnihall

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3752 bytĹŻ] - [21/06/2016 13:37:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [3800 bytĹŻ] - [21/06/2016 13:35:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3898 bytĹŻ] ##########

[Rudy]

Dejte nový log RSIT.

[khonsun]

Logfile of random's system information tool 1.10 (written by random/random)
Run by khonsun at 2016-06-21 15:55:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 135 GB (63%) free of 215 GB
Total RAM: 8126 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:55:14, on 21.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\SmartClock\SmartClock.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\khonsun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKCU\..\Run: [SmartClock] C:\Program Files (x86)\SmartClock\SmartClock.exe /boot
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: clipboard.lnk = C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0566E98-D10F-49A4-922B-3B29AB98FF7C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\guard32.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15158 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\system32\WLANExt.exe 30084176
\??\C:\Windows\system32\conhost.exe "-1105591206-1302360618474509275567845139527621497-871085071127604062-390187525
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\AOMEI Backupper\ABService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CISVC.EXE
C:\Windows\System32\svchost.exe -k utcsvc
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
system32\RAPID\SamsungRapidSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"ConnectifyD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "4772034421570553705-143802505152165620414600440321911250125-842006413-1532660826
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
WLIDSvcM.exe 3600
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\vsnp2std.exe"
"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"
"C:\Program Files (x86)\SmartClock\SmartClock.exe" /boot
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\NetSoftware\NetSoftware.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\SwStazen\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeallsource schedulers\CurrentVersion\Run]
"SmartClock"=C:\Program Files (x86)\SmartClock\SmartClock.exe [2003-04-26 880128]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-10-21 563416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-16 94264]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-10 7405752]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2016-06-01 228536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
clipboard.lnk - C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-21 13:35:08 ----D---- C:\AdwCleaner
2016-06-20 16:09:31 ----D---- C:\Program Files (x86)\3StepPDF
2016-06-19 12:46:52 ----D---- C:\Program Files (x86)\Aidfile recovery
2016-06-18 23:25:31 ----DC---- C:\Windows\system32\DRVSTORE
2016-06-18 23:25:31 ----D---- C:\Windows\system32\RAPID
2016-06-18 23:25:31 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2016-06-18 14:05:17 ----D---- C:\ProgramData\AnyMP4 Studio
2016-06-18 14:05:17 ----D---- C:\Program Files (x86)\AnyMP4 Studio
2016-06-17 13:10:34 ----D---- C:\ProgramData\NetSoftware
2016-06-17 13:09:38 ----D---- C:\Program Files\NetSoftware
2016-06-16 13:26:05 ----D---- C:\ProgramData\Apple
2016-06-16 13:26:05 ----D---- C:\Program Files\Bonjour
2016-06-16 13:26:05 ----D---- C:\Program Files (x86)\Bonjour
2016-06-16 13:25:59 ----D---- C:\Users\khonsun\AppData\Roaming\Apowersoft
2016-06-16 13:25:59 ----D---- C:\Program Files (x86)\Apowersoft
2016-06-08 20:26:39 ----D---- C:\Program Files (x86)\Skype
2016-06-07 08:36:38 ----D---- C:\Program Files\IM-Magic
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wow64win.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wow64.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\winsrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wdigest.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\sspicli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\srcore.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\smss.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\schannel.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ntdll.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\kernel32.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\kerberos.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\conhost.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\certcli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\advapi32.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\srclient.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\secur32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\rstrui.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\msobjs.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\msaudite.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\lsass.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-31 16:47:58 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\credssp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\auditpol.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidapi.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\adtschema.dll
2016-05-31 16:47:56 ----A---- C:\Windows\system32\win32k.sys
2016-05-31 16:47:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-05-31 16:47:55 ----A---- C:\Windows\system32\tzres.dll
2016-05-31 16:47:54 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-31 16:47:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-31 16:47:54 ----A---- C:\Windows\system32\cdd.dll
2016-05-31 16:46:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-31 16:46:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-31 16:29:50 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-31 16:29:50 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-31 16:29:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-31 16:29:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-31 16:29:49 ----A---- C:\Windows\system32\gdi32.dll
2016-05-24 15:05:23 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2016-06-21 15:55:13 ----D---- C:\Windows\Temp
2016-06-21 15:55:13 ----D---- C:\Program Files\trend micro
2016-06-21 14:45:01 ----D---- C:\Program Files (x86)\SpeedFan
2016-06-21 14:44:21 ----SHD---- C:\System Volume Information
2016-06-21 13:48:47 ----D---- C:\Windows\system32\config
2016-06-21 13:44:38 ----D---- C:\Windows\System32
2016-06-21 13:44:38 ----D---- C:\Windows\inf
2016-06-21 13:44:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-21 13:40:42 ----A---- C:\Windows\SYSWOW64\log.txt
2016-06-21 13:38:42 ----D---- C:\ProgramData\PDFC
2016-06-21 13:38:41 ----D---- C:\ProgramData\HPQLOG
2016-06-21 13:37:18 ----RD---- C:\Program Files (x86)
2016-06-21 13:37:17 ----HD---- C:\ProgramData
2016-06-21 08:34:02 ----D---- C:\Windows
2016-06-21 08:34:01 ----D---- C:\Windows\system32\drivers
2016-06-21 08:34:01 ----D---- C:\Windows\ModemLogs
2016-06-18 23:25:33 ----SHD---- C:\Windows\Installer
2016-06-18 23:25:11 ----D---- C:\Program Files (x86)\Samsung
2016-06-17 18:22:57 ----D---- C:\Users\khonsun\AppData\Roaming\Skype
2016-06-17 13:09:38 ----D---- C:\Program Files
2016-06-16 21:49:26 ----D---- C:\Windows\SysWOW64
2016-06-16 21:49:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-10 08:41:51 ----D---- C:\ProgramData\CanonIJPLM
2016-06-08 20:26:41 ----D---- C:\ProgramData\Skype
2016-06-08 08:50:58 ----D---- C:\Windows\system32\catroot2
2016-06-07 19:02:59 ----D---- C:\Users\khonsun\AppData\Roaming\MPC-HC
2016-06-07 09:05:06 ----D---- C:\Apli
2016-06-01 09:57:19 ----D---- C:\Windows\rescache
2016-06-01 07:36:48 ----D---- C:\Windows\Microsoft.NET
2016-06-01 07:35:59 ----RSD---- C:\Windows\assembly
2016-05-31 23:08:24 ----D---- C:\Windows\winsxs
2016-05-31 23:08:23 ----D---- C:\Windows\ehome
2016-05-31 17:04:47 ----D---- C:\Windows\debug
2016-05-31 16:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-31 16:59:21 ----D---- C:\Windows\system32\cs-CZ
2016-05-31 16:59:21 ----D---- C:\Program Files\Windows Journal
2016-05-31 16:59:20 ----D---- C:\Windows\system32\en-US
2016-05-31 16:59:20 ----D---- C:\Windows\system32\Boot
2016-05-31 16:59:20 ----D---- C:\Windows\AppPatch
2016-05-31 16:56:55 ----D---- C:\Windows\system32\MRT
2016-05-31 16:48:22 ----A---- C:\Windows\system32\MRT.exe
2016-05-31 10:21:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2015-02-26 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-09 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-09 287528]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\Windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-09 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-09 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-09 465792]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-06-30 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-06-30 41712]
R1 cnnctfy3;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2015-06-24 42152]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-06-30 92688]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2015-02-26 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2015-02-26 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-09 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-09 166432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-03-29 22592]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-29 3065408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-03 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2011-02-09 26712]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 72648]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\Windows\syswow64\MDA_NTDRV.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-05-01 588952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2012-07-26 158720]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 12342656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2015-03-30 172344]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-04 28672]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-09 243296]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2015-07-16 29912]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 2528096]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2015-04-09 217088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-04 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-04 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 hpCMSrv;HP Connection Manager 4.0 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-16 1071160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

[khonsun]

Logfile of random's system information tool 1.10 (written by random/random)
Run by khonsun at 2016-06-21 17:45:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 135 GB (63%) free of 215 GB
Total RAM: 8126 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:16, on 21.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPUsageTrack.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\SmartClock\SmartClock.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\trend micro\khonsun.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKCU\..\Run: [SmartClock] C:\Program Files (x86)\SmartClock\SmartClock.exe /boot
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: clipboard.lnk = C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0566E98-D10F-49A4-922B-3B29AB98FF7C}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{2AB43CF3-A3CB-4842-A105-55BA463F3ABE}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\windows\SysWOW64\guard32.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4.0 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15293 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe
C:\Windows\system32\WLANExt.exe 30333536
\??\C:\Windows\system32\conhost.exe "98583688237552399-1089657004-15195988551824434235-1067525864-335397063-925456286
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
taskeng.exe {6D699305-94C4-4E24-8DE8-6376EF0A57A9}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\AOMEI Backupper\ABService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CISVC.EXE
C:\Windows\System32\svchost.exe -k utcsvc
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
system32\RAPID\SamsungRapidSvc.exe
C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"ConnectifyD.exe"
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "1682268622901494759-2868357211984303021-185344272377619377-1629818922-2060449078
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 3528
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Explorer.EXE
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPUsageTrack.exe" -Embedding
"C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
"C:\Windows\vsnp2std.exe"
"C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\SmartClock\SmartClock.exe" /boot
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files\NetSoftware\NetSoftware.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -PID:123
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\SwStazen\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exengRapidApp.exe [2014-09-16 281776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartClock"=C:\Program Files (x86)\SmartClock\SmartClock.exe [2003-04-26 880128]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-10-21 563416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-01-29 299576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-02-16 94264]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-10 7405752]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2016-06-01 228536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
clipboard.lnk - C:\Apli\Clipboard recorder\clipboard_recorder_portable\clipboard_recorder_portable.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo"=vfwwdm32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-21 13:35:08 ----D---- C:\AdwCleaner
2016-06-20 16:09:31 ----D---- C:\Program Files (x86)\3StepPDF
2016-06-19 12:46:52 ----D---- C:\Program Files (x86)\Aidfile recovery
2016-06-18 23:25:31 ----DC---- C:\Windows\system32\DRVSTORE
2016-06-18 23:25:31 ----D---- C:\Windows\system32\RAPID
2016-06-18 23:25:31 ----A---- C:\Windows\system32\drivers\SamsungRapidDiskFltr.sys
2016-06-18 14:05:17 ----D---- C:\ProgramData\AnyMP4 Studio
2016-06-18 14:05:17 ----D---- C:\Program Files (x86)\AnyMP4 Studio
2016-06-17 13:10:34 ----D---- C:\ProgramData\NetSoftware
2016-06-17 13:09:38 ----D---- C:\Program Files\NetSoftware
2016-06-16 13:26:05 ----D---- C:\ProgramData\Apple
2016-06-16 13:26:05 ----D---- C:\Program Files\Bonjour
2016-06-16 13:26:05 ----D---- C:\Program Files (x86)\Bonjour
2016-06-16 13:25:59 ----D---- C:\Users\khonsun\AppData\Roaming\Apowersoft
2016-06-16 13:25:59 ----D---- C:\Program Files (x86)\Apowersoft
2016-06-08 20:26:39 ----D---- C:\Program Files (x86)\Skype
2016-06-07 08:36:38 ----D---- C:\Program Files\IM-Magic
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wow64win.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wow64.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\winsrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\wdigest.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\sspicli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\srcore.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\smss.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\schannel.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ntdll.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\kernel32.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\kerberos.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-31 16:47:59 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\conhost.exe
2016-05-31 16:47:59 ----A---- C:\Windows\system32\certcli.dll
2016-05-31 16:47:59 ----A---- C:\Windows\system32\advapi32.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-31 16:47:58 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\srclient.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\secur32.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\rstrui.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\msobjs.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\msaudite.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\lsass.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-31 16:47:58 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\credssp.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\auditpol.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-31 16:47:58 ----A---- C:\Windows\system32\appidapi.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-31 16:47:58 ----A---- C:\Windows\system32\adtschema.dll
2016-05-31 16:47:56 ----A---- C:\Windows\system32\win32k.sys
2016-05-31 16:47:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-05-31 16:47:55 ----A---- C:\Windows\system32\tzres.dll
2016-05-31 16:47:54 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-31 16:47:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-31 16:47:54 ----A---- C:\Windows\system32\cdd.dll
2016-05-31 16:46:49 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-31 16:46:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-31 16:29:50 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-31 16:29:50 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-31 16:29:49 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-31 16:29:49 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-31 16:29:49 ----A---- C:\Windows\system32\gdi32.dll
2016-05-24 15:05:23 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2016-06-21 17:45:15 ----D---- C:\Program Files\trend micro
2016-06-21 17:44:37 ----D---- C:\Windows\Temp
2016-06-21 17:43:43 ----D---- C:\Windows\system32\config
2016-06-21 17:43:40 ----D---- C:\ProgramData\PDFC
2016-06-21 17:43:39 ----D---- C:\ProgramData\HPQLOG
2016-06-21 17:41:48 ----D---- C:\Windows\SysWOW64
2016-06-21 17:41:48 ----D---- C:\Windows
2016-06-21 14:45:01 ----D---- C:\Program Files (x86)\SpeedFan
2016-06-21 14:44:21 ----SHD---- C:\System Volume Information
2016-06-21 13:44:38 ----D---- C:\Windows\System32
2016-06-21 13:44:38 ----D---- C:\Windows\inf
2016-06-21 13:44:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-21 13:40:42 ----A---- C:\Windows\SYSWOW64\log.txt
2016-06-21 13:37:18 ----RD---- C:\Program Files (x86)
2016-06-21 13:37:17 ----HD---- C:\ProgramData
2016-06-21 08:34:01 ----D---- C:\Windows\system32\drivers
2016-06-21 08:34:01 ----D---- C:\Windows\ModemLogs
2016-06-18 23:25:33 ----SHD---- C:\Windows\Installer
2016-06-18 23:25:11 ----D---- C:\Program Files (x86)\Samsung
2016-06-17 18:22:57 ----D---- C:\Users\khonsun\AppData\Roaming\Skype
2016-06-17 13:09:38 ----D---- C:\Program Files
2016-06-16 21:49:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-10 08:41:51 ----D---- C:\ProgramData\CanonIJPLM
2016-06-08 20:26:41 ----D---- C:\ProgramData\Skype
2016-06-08 08:50:58 ----D---- C:\Windows\system32\catroot2
2016-06-07 19:02:59 ----D---- C:\Users\khonsun\AppData\Roaming\MPC-HC
2016-06-07 09:05:06 ----D---- C:\Apli
2016-06-01 09:57:19 ----D---- C:\Windows\rescache
2016-06-01 07:36:48 ----D---- C:\Windows\Microsoft.NET
2016-06-01 07:35:59 ----RSD---- C:\Windows\assembly
2016-05-31 23:08:24 ----D---- C:\Windows\winsxs
2016-05-31 23:08:23 ----D---- C:\Windows\ehome
2016-05-31 17:04:47 ----D---- C:\Windows\debug
2016-05-31 16:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-31 16:59:21 ----D---- C:\Windows\system32\cs-CZ
2016-05-31 16:59:21 ----D---- C:\Program Files\Windows Journal
2016-05-31 16:59:20 ----D---- C:\Windows\system32\en-US
2016-05-31 16:59:20 ----D---- C:\Windows\system32\Boot
2016-05-31 16:59:20 ----D---- C:\Windows\AppPatch
2016-05-31 16:56:55 ----D---- C:\Windows\system32\MRT
2016-05-31 16:48:22 ----A---- C:\Windows\system32\MRT.exe
2016-05-31 10:21:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2015-02-26 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-09 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-09 287528]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpePc;MfeEpePc; C:\Windows\system32\drivers\MfeEpePc.sys [2011-02-09 168008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-09 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-05-09 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-09 1070904]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-09 465792]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-06-30 252344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-06-30 41712]
R1 cnnctfy3;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy3.sys [2015-06-24 42152]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-06-30 92688]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2015-02-26 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2015-02-26 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-09 37656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-09 107792]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-05-09 166432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2011-03-29 22592]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-29 3065408]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-03 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-12-21 316080]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2011-01-31 174168]
R3 johci;JMicron 1394 Filter Driver; C:\Windows\system32\DRIVERS\johci.sys [2011-02-09 26712]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-27 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-09-16 392752]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-09-18 22784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys []
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 72648]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 MDA_NTDRV;MDA_NTDRV; \??\C:\Windows\syswow64\MDA_NTDRV.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2009-05-01 588952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2012-07-26 158720]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2007-04-09 12342656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2015-03-30 172344]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-04 28672]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-09 243296]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [2015-07-16 29912]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-30 951584]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 19456]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 2528096]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2015-04-09 217088]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-02-12 481104]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-01-29 281656]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-02-09 1318912]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848]
R2 SkypeUpdate;Skype Updater; C:\Apli\Skype\SkypePortable\App\Skype\Updater\Updater.exe [2016-03-23 327808]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-27 296448]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-01-12 36864]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-04 326168]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-04 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 hpCMSrv;HP Connection Manager 4.0 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-16 1071160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\khonsun.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

[khonsun]

Ucineni presto, ze jakysi error.......; pres to jsem pokracoval dale dle navodu.

[Rudy]

Ne všechno lze fixovat. Jsou to ale jen nefunkční zbytky, které jen zabírají na disku trochu prostoru. Log by již měl být OK.

[khonsun]

Dekuji za navod/pomoc.

[Rudy]

Rádo se stalo!