
Please check.

Having a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

peter19500
Visitor
Posts: 49
Registered: 11 Aug 2009 16:52

#1 Post by peter19500 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2015-07-29 17:25:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (16%) free of 238 GB
Total RAM: 3996 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:39, on 29. 7. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com/?win=160&clid=1989595
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://safesearch.avira.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://safesearch.avira.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://safesearch.avira.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://safesearch.avira.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 11979 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
WLIDSvcM.exe 2600
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000690
C:\Windows\system32\svchost.exe -k bthsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=3124
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=gpu-process --channel="3124.0.940953416\2076773299" --crash-reporter-pid=5704 --enable-mse-h264-support --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,22,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x9591 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.1000 --crash-reporter-pid=5704 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.3.1224562262\1354673992" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.4.805786104\2088009506" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.5.1644864262\1684623233" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.6.2115985893\1571746628" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.7.1339580814\86755574" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.8.543068802\1283648245" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.9.1889029291\2118265336" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.10.139343561\759836912" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.11.329922212\675251962" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.12.2062731973\2121085729" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.13.1179166897\1929036968" /prefetch:673131151
taskeng.exe {4155F94D-BAD5-4FB8-A101-F67A2399ABCD}
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.15.848177002\146266272" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5704 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=3124 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="3124.16.1003812895\1384908832" /prefetch:673131151
"C:\Users\ntb\Downloads\RSITx64.exe"
"C:\Users\ntb\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\mu6n94o6.default-1422558027457

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-04-28 1015104]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2015-04-28 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
C:\Windows\SysWOW64\C2MP\UPDATE~1.EXE [2014-05-20 48688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-06-16 730416]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-29 07:36:20 ----HD---- C:\$Windows.~BT
2015-07-29 07:35:36 ----A---- C:\Windows\system32\generaltel.dll
2015-07-29 07:35:36 ----A---- C:\Windows\system32\devinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\invagent.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\appraiser.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\aeinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\acmigration.dll
2015-07-29 07:35:34 ----A---- C:\Windows\system32\aepdu.dll
2015-07-29 07:35:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-22 21:53:26 ----D---- C:\ProgramData\GRETECH
2015-07-22 21:52:52 ----D---- C:\Users\ntb\AppData\Roaming\GRETECH
2015-07-22 21:52:24 ----D---- C:\Program Files (x86)\GRETECH
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 03:19:15 ----D---- C:\Program Files\Free FLV Player
2015-07-15 17:25:09 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 17:25:09 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:25:05 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 17:24:53 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 17:24:51 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 17:24:51 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 17:24:50 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 17:24:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 17:24:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:23:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 17:23:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 17:23:50 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 17:23:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:23:46 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 17:21:30 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 17:21:30 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 17:21:27 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-07-15 17:21:27 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 17:21:26 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 17:21:26 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 17:21:04 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 17:20:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\consent.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\appinfo.dll
2015-07-12 18:53:11 ----D---- C:\Program Files (x86)\Disc Soft
2015-07-12 18:52:12 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-07-12 17:32:35 ----D---- C:\ProgramData\Canneverbe Limited
2015-07-12 17:32:20 ----D---- C:\Users\ntb\AppData\Roaming\Canneverbe Limited
2015-07-12 17:24:18 ----D---- C:\Users\ntb\AppData\Roaming\InfraRecorder
2015-07-10 20:37:19 ----SHD---- C:\$RECYCLE.BIN
2015-07-10 19:41:46 ----A---- C:\Windows\zip.exe
2015-07-10 19:41:46 ----A---- C:\Windows\SWSC.exe
2015-07-10 19:41:46 ----A---- C:\Windows\SWREG.exe
2015-07-10 19:41:46 ----A---- C:\Windows\sed.exe
2015-07-10 19:41:46 ----A---- C:\Windows\PEV.exe
2015-07-10 19:41:46 ----A---- C:\Windows\NIRCMD.exe
2015-07-10 19:41:46 ----A---- C:\Windows\MBR.exe
2015-07-10 19:41:46 ----A---- C:\Windows\grep.exe
2015-07-10 19:41:30 ----SD---- C:\ComboFix
2015-07-10 19:40:38 ----D---- C:\Qoobox
2015-07-10 19:35:12 ----D---- C:\Windows\erdnt
2015-07-10 19:34:53 ----SD---- C:\32788R22FWJFW
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewhnt.sys
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewh.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdfl.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecmnt.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscebus.sys

======List of files/folders modified in the last 1 month======

2015-07-29 17:25:36 ----D---- C:\Program Files\trend micro
2015-07-29 17:25:33 ----D---- C:\Windows\Temp
2015-07-29 17:24:45 ----D---- C:\Windows\Prefetch
2015-07-29 17:18:20 ----D---- C:\Windows\winsxs
2015-07-29 17:17:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-07-29 17:17:27 ----D---- C:\Windows\system32\config
2015-07-29 17:17:15 ----SD---- C:\Windows\system32\CompatTel
2015-07-29 17:17:14 ----D---- C:\Windows\System32
2015-07-29 07:49:40 ----SHD---- C:\System Volume Information
2015-07-29 07:36:54 ----D---- C:\Windows\Panther
2015-07-29 07:36:14 ----D---- C:\Windows\Logs
2015-07-29 07:30:25 ----D---- C:\Windows\SoftwareDistribution
2015-07-25 22:40:46 ----D---- C:\Windows\rescache
2015-07-25 21:27:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-25 21:27:46 ----D---- C:\Windows\inf
2015-07-25 18:45:13 ----SD---- C:\Windows\system32\GWX
2015-07-24 13:49:10 ----AD---- C:\Windows
2015-07-22 21:53:26 ----HD---- C:\ProgramData
2015-07-22 21:52:24 ----RD---- C:\Program Files (x86)
2015-07-22 07:15:25 ----D---- C:\Windows\SysWOW64
2015-07-21 18:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-21 17:55:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-21 03:19:15 ----RD---- C:\Program Files
2015-07-16 21:12:11 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 21:12:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\system32\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 21:12:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-16 21:12:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 21:12:09 ----D---- C:\Windows\system32\en-US
2015-07-16 21:12:04 ----D---- C:\Program Files\Internet Explorer
2015-07-16 21:11:54 ----D---- C:\Windows\system32\drivers
2015-07-16 21:11:51 ----D---- C:\Windows\system32\wbem
2015-07-16 21:11:51 ----D---- C:\Windows\system32\appraiser
2015-07-16 21:11:51 ----D---- C:\Windows\AppPatch
2015-07-16 20:35:42 ----SHD---- C:\Windows\Installer
2015-07-16 20:35:42 ----SHD---- C:\Config.Msi
2015-07-16 20:29:43 ----D---- C:\Windows\system32\MRT
2015-07-16 20:20:02 ----D---- C:\Windows\debug
2015-07-15 21:43:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 17:03:09 ----D---- C:\Windows\system32\Tasks
2015-07-14 17:33:26 ----D---- C:\Program Files (x86)\Opera
2015-07-13 20:52:17 ----D---- C:\Users\ntb\AppData\Roaming\DAEMON Tools Lite
2015-07-12 20:29:49 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-07-12 20:20:21 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-07-12 20:20:14 ----D---- C:\Users\ntb\AppData\Roaming\4Media
2015-07-12 20:20:10 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\IrfanView
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\foobar2000
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\DVDVideoSoft
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\SAMSUNG Drivers Update Utility
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\R-TT
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Ulozto File Manager
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Thunderbird
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2015-07-12 20:19:15 ----D---- C:\Windows\system32\DriverStore
2015-07-12 20:19:14 ----D---- C:\Windows\Tasks
2015-07-12 20:19:14 ----D---- C:\Windows\registration
2015-07-10 19:51:53 ----D---- C:\Windows\SYSWOW64\drivers
2015-07-10 19:51:51 ----D---- C:\Program Files (x86)\Common Files
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 22:44:25 ----D---- C:\Windows\system32\catroot
2015-07-02 18:34:29 ----D---- C:\Windows\Microsoft.NET
2015-07-02 17:56:18 ----D---- C:\Program Files (x86)\Samsung
2015-07-02 17:10:51 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-07-12 381608]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-06-16 132656]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-11-24 28600]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-06-16 153256]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-04 44088]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHprint;Microsoft Bluetooth Printer Class; C:\Windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-12 30264]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2014-04-11 23552]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2014-04-11 79360]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2014-10-13 169288]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2014-10-13 21320]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2014-10-13 188232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-06-16 450808]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-06-16 450808]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-06-16 827184]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-06-16 1188360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-14 148080]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check.

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

peter19500
Visitor
Posts: 49
Registered: 11 Aug 2009 16:52

Re: Please check.

#3 Post by peter19500 »

# AdwCleaner v4.208 - Log vytvorený 30/07/2015 at 07:37:34
# Aktualizované 09/07/2015 by Xplode
# Databáza : 2015-07-26.2 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : ntb - NTB-PC
# Spustené z : C:\Users\ntb\Desktop\adwcleaner_4.208.exe
# Nastavenia : Čistenie

***** [ Služby ] *****


***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\Program Files (x86)\Applian Technologies
Priečinok Zmazané : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\FileTypeAssistant
Súbor Zmazané : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
Súbor Zmazané : C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\mu6n94o6.default-1422558027457\user.js

***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****

Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Kľúč registra Zmazané : HKCU\Software\Myfree Codec
Kľúč registra Zmazané : HKCU\Software\DriverTuner_Init
Kľúč registra Zmazané : HKCU\Software\DriverTuner
Kľúč registra Zmazané : HKLM\SOFTWARE\Myfree Codec
Kľúč registra Zmazané : HKU\.DEFAULT\Software\Avg Secure Update

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17909

Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v37.0.1 (x86 sk)


-\\ Chromium v


-\\ Opera v30.0.1835.125


*************************

AdwCleaner[R0].txt - [10446 bajtov] - [03/09/2014 20:01:17]
AdwCleaner[R1].txt - [3856 bajtov] - [30/07/2015 07:31:17]
AdwCleaner[S0].txt - [8511 bajtov] - [03/09/2014 20:10:37]
AdwCleaner[S1].txt - [3331 bajtov] - [30/07/2015 07:37:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3391 bajtov] ##########

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check.

#4 Post by Rudy »

Post a new RSIT log.

peter19500
Visitor
Posts: 49
Registered: 11 Aug 2009 16:52

Re: Please check.

#5 Post by peter19500 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2015-07-30 19:20:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (15%) free of 238 GB
Total RAM: 3996 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:02, on 30. 7. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com/?win=160&clid=1989595
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 10702 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
WLIDSvcM.exe 2368
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000088c
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\servicing\TrustedInstaller.exe

"C:\Users\ntb\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\mu6n94o6.default-1422558027457

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-04-28 1015104]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2015-04-28 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
C:\Windows\SysWOW64\C2MP\UPDATE~1.EXE [2014-05-20 48688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-06-16 730416]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-29 07:35:36 ----A---- C:\Windows\system32\generaltel.dll
2015-07-29 07:35:36 ----A---- C:\Windows\system32\devinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\invagent.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\appraiser.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\aeinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\acmigration.dll
2015-07-29 07:35:34 ----A---- C:\Windows\system32\aepdu.dll
2015-07-29 07:35:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-22 21:53:26 ----D---- C:\ProgramData\GRETECH
2015-07-22 21:52:52 ----D---- C:\Users\ntb\AppData\Roaming\GRETECH
2015-07-22 21:52:24 ----D---- C:\Program Files (x86)\GRETECH
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 03:19:15 ----D---- C:\Program Files\Free FLV Player
2015-07-15 17:25:09 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 17:25:09 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:25:05 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 17:24:53 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 17:24:51 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 17:24:51 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 17:24:50 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 17:24:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 17:24:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:23:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 17:23:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 17:23:50 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 17:23:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:23:46 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 17:21:30 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 17:21:30 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 17:21:27 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-07-15 17:21:27 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 17:21:26 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 17:21:26 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 17:21:04 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 17:20:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\consent.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\appinfo.dll
2015-07-12 18:53:11 ----D---- C:\Program Files (x86)\Disc Soft
2015-07-12 18:52:12 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-07-12 17:32:35 ----D---- C:\ProgramData\Canneverbe Limited
2015-07-12 17:32:20 ----D---- C:\Users\ntb\AppData\Roaming\Canneverbe Limited
2015-07-12 17:24:18 ----D---- C:\Users\ntb\AppData\Roaming\InfraRecorder
2015-07-10 20:37:19 ----SHD---- C:\$RECYCLE.BIN
2015-07-10 20:33:34 ----HD---- C:\$Windows.~BT
2015-07-10 19:41:46 ----A---- C:\Windows\zip.exe
2015-07-10 19:41:46 ----A---- C:\Windows\SWSC.exe
2015-07-10 19:41:46 ----A---- C:\Windows\SWREG.exe
2015-07-10 19:41:46 ----A---- C:\Windows\sed.exe
2015-07-10 19:41:46 ----A---- C:\Windows\PEV.exe
2015-07-10 19:41:46 ----A---- C:\Windows\NIRCMD.exe
2015-07-10 19:41:46 ----A---- C:\Windows\MBR.exe
2015-07-10 19:41:46 ----A---- C:\Windows\grep.exe
2015-07-10 19:41:30 ----SD---- C:\ComboFix
2015-07-10 19:40:38 ----D---- C:\Qoobox
2015-07-10 19:35:12 ----D---- C:\Windows\erdnt
2015-07-10 19:34:53 ----SD---- C:\32788R22FWJFW
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewhnt.sys
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewh.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdfl.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecmnt.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscebus.sys

======List of files/folders modified in the last 1 month======

2015-07-30 19:21:02 ----D---- C:\Windows\Temp
2015-07-30 19:20:59 ----D---- C:\Program Files\trend micro
2015-07-30 18:16:53 ----D---- C:\Windows\system32\config
2015-07-30 17:58:49 ----D---- C:\Windows\winsxs
2015-07-30 17:48:57 ----D---- C:\Windows\Panther
2015-07-30 17:33:47 ----A---- C:\Windows\SYSWOW64\log.txt
2015-07-30 07:37:42 ----D---- C:\AdwCleaner
2015-07-30 07:37:35 ----RD---- C:\Program Files (x86)
2015-07-29 19:21:50 ----D---- C:\Windows\System32
2015-07-29 19:21:50 ----D---- C:\Windows\inf
2015-07-29 19:21:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-29 17:24:45 ----D---- C:\Windows\Prefetch
2015-07-29 17:17:15 ----SD---- C:\Windows\system32\CompatTel
2015-07-29 07:49:40 ----SHD---- C:\System Volume Information
2015-07-29 07:36:14 ----D---- C:\Windows\Logs
2015-07-29 07:30:25 ----D---- C:\Windows\SoftwareDistribution
2015-07-25 22:40:46 ----D---- C:\Windows\rescache
2015-07-25 18:45:13 ----SD---- C:\Windows\system32\GWX
2015-07-24 13:49:10 ----AD---- C:\Windows
2015-07-22 21:53:26 ----HD---- C:\ProgramData
2015-07-22 07:15:25 ----D---- C:\Windows\SysWOW64
2015-07-21 18:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-21 17:55:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-21 03:19:15 ----RD---- C:\Program Files
2015-07-16 21:12:11 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 21:12:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\system32\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 21:12:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-16 21:12:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 21:12:09 ----D---- C:\Windows\system32\en-US
2015-07-16 21:12:04 ----D---- C:\Program Files\Internet Explorer
2015-07-16 21:11:54 ----D---- C:\Windows\system32\drivers
2015-07-16 21:11:51 ----D---- C:\Windows\system32\wbem
2015-07-16 21:11:51 ----D---- C:\Windows\system32\appraiser
2015-07-16 21:11:51 ----D---- C:\Windows\AppPatch
2015-07-16 20:35:42 ----SHD---- C:\Windows\Installer
2015-07-16 20:35:42 ----SHD---- C:\Config.Msi
2015-07-16 20:29:43 ----D---- C:\Windows\system32\MRT
2015-07-16 20:20:02 ----D---- C:\Windows\debug
2015-07-15 21:43:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 17:03:09 ----D---- C:\Windows\system32\Tasks
2015-07-14 17:33:26 ----D---- C:\Program Files (x86)\Opera
2015-07-13 20:52:17 ----D---- C:\Users\ntb\AppData\Roaming\DAEMON Tools Lite
2015-07-12 20:29:49 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-07-12 20:20:21 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-07-12 20:20:14 ----D---- C:\Users\ntb\AppData\Roaming\4Media
2015-07-12 20:20:10 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\IrfanView
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\foobar2000
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\DVDVideoSoft
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\SAMSUNG Drivers Update Utility
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\R-TT
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Ulozto File Manager
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Thunderbird
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2015-07-12 20:19:15 ----D---- C:\Windows\system32\DriverStore
2015-07-12 20:19:14 ----D---- C:\Windows\Tasks
2015-07-12 20:19:14 ----D---- C:\Windows\registration
2015-07-10 19:51:53 ----D---- C:\Windows\SYSWOW64\drivers
2015-07-10 19:51:51 ----D---- C:\Program Files (x86)\Common Files
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 22:44:25 ----D---- C:\Windows\system32\catroot
2015-07-02 18:34:29 ----D---- C:\Windows\Microsoft.NET
2015-07-02 17:56:18 ----D---- C:\Program Files (x86)\Samsung
2015-07-02 17:10:51 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-07-12 381608]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-06-16 132656]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-11-24 28600]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-06-16 153256]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-04 44088]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHprint;Microsoft Bluetooth Printer Class; C:\Windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-12 30264]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2014-04-11 23552]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2014-04-11 79360]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2014-10-13 169288]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2014-10-13 21320]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2014-10-13 188232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-06-16 450808]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-06-16 450808]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-06-16 827184]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-06-16 1188360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-14 148080]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check.

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Skype\Toolbars

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

peter19500
Visitor
Posts: 49
Registered: 11 Aug 2009 16:52

Re: Please check.

#7 Post by peter19500 »

From OTM:
All processes killed
========== FILES ==========
C:\Program Files (x86)\Skype\Toolbars\PNRSvc folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\FirefoxAddOn folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
========== SERVICES/DRIVERS ==========
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ntb
->Temp folder emptied: 3840847 bytes
->Temporary Internet Files folder emptied: 10424294 bytes
->Java cache emptied: 48342 bytes
->FireFox cache emptied: 6924853 bytes
->Flash cache emptied: 506 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33639349 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 334324 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 53,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: ntb
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 07312015_071137

Files moved on Reboot...
C:\Users\ntb\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ntb\AppData\Local\Temp\~DFF1429587B5C93EDD.TMP moved successfully.
C:\Users\ntb\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\DismCorePS.dll moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\DismHost.exe moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\DismProv.dll moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\DmiProvider.dll moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\LogProvider.dll moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\OSProvider.dll moved successfully.
C:\Windows\temp\9BE197E1-A1BC-459B-8888-03BF3AF4D705\wdscore.dll moved successfully.
File C:\Windows\temp\ZLT030fe.TMP not found!
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2015-07-31 07:24:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (16%) free of 238 GB
Total RAM: 3996 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:24:03, on 31. 7. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com/?win=160&clid=1989595
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 11228 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
atieclxx
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
WLIDSvcM.exe 2856
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000009a4
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
taskeng.exe {B20A4AFE-85AF-482E-9611-BF0C8876B913}
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=4348
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=gpu-process --channel="4348.0.2052518782\1032530136" --crash-reporter-pid=1728 --enable-mse-h264-support --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,22,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x9591 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.1000 --crash-reporter-pid=1728 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.2.1733270797\1847787889" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.3.2139974065\16535789" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.4.40790618\1455392867" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.5.1190231991\401149724" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.7.601232041\670877988" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.8.1412419929\1731637983" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.9.12153996\730157490" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.10.1861567428\160354274" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.11.516592416\358867459" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=1728 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4348 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4348.12.1776819308\469488306" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe

"C:\Users\ntb\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\mu6n94o6.default-1422558027457

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-04-28 1015104]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2015-04-28 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
C:\Windows\SysWOW64\C2MP\UPDATE~1.EXE [2014-05-20 48688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-06-16 730416]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-31 07:11:37 ----D---- C:\_OTM
2015-07-29 07:35:36 ----A---- C:\Windows\system32\generaltel.dll
2015-07-29 07:35:36 ----A---- C:\Windows\system32\devinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\invagent.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\appraiser.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\aeinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\acmigration.dll
2015-07-29 07:35:34 ----A---- C:\Windows\system32\aepdu.dll
2015-07-29 07:35:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-22 21:53:26 ----D---- C:\ProgramData\GRETECH
2015-07-22 21:52:52 ----D---- C:\Users\ntb\AppData\Roaming\GRETECH
2015-07-22 21:52:24 ----D---- C:\Program Files (x86)\GRETECH
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 03:19:15 ----D---- C:\Program Files\Free FLV Player
2015-07-15 17:25:09 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 17:25:09 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:25:05 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 17:24:53 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 17:24:51 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 17:24:51 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 17:24:50 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 17:24:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 17:24:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:23:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 17:23:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 17:23:50 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 17:23:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:23:46 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 17:21:30 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 17:21:30 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 17:21:27 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-07-15 17:21:27 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 17:21:26 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 17:21:26 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 17:21:04 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 17:20:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\consent.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\appinfo.dll
2015-07-12 18:53:11 ----D---- C:\Program Files (x86)\Disc Soft
2015-07-12 18:52:12 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-07-12 17:32:35 ----D---- C:\ProgramData\Canneverbe Limited
2015-07-12 17:32:20 ----D---- C:\Users\ntb\AppData\Roaming\Canneverbe Limited
2015-07-12 17:24:18 ----D---- C:\Users\ntb\AppData\Roaming\InfraRecorder
2015-07-10 20:37:19 ----SHD---- C:\$RECYCLE.BIN
2015-07-10 20:33:34 ----HD---- C:\$Windows.~BT
2015-07-10 19:41:46 ----A---- C:\Windows\zip.exe
2015-07-10 19:41:46 ----A---- C:\Windows\SWSC.exe
2015-07-10 19:41:46 ----A---- C:\Windows\SWREG.exe
2015-07-10 19:41:46 ----A---- C:\Windows\sed.exe
2015-07-10 19:41:46 ----A---- C:\Windows\PEV.exe
2015-07-10 19:41:46 ----A---- C:\Windows\NIRCMD.exe
2015-07-10 19:41:46 ----A---- C:\Windows\MBR.exe
2015-07-10 19:41:46 ----A---- C:\Windows\grep.exe
2015-07-10 19:41:30 ----SD---- C:\ComboFix
2015-07-10 19:40:38 ----D---- C:\Qoobox
2015-07-10 19:35:12 ----D---- C:\Windows\erdnt
2015-07-10 19:34:53 ----SD---- C:\32788R22FWJFW
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewhnt.sys
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewh.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdfl.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecmnt.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscebus.sys

======List of files/folders modified in the last 1 month======

2015-07-31 07:24:02 ----D---- C:\Program Files\trend micro
2015-07-31 07:24:01 ----D---- C:\Windows\Temp
2015-07-31 07:15:03 ----A---- C:\Windows\SYSWOW64\log.txt
2015-07-31 07:13:59 ----D---- C:\Windows\system32\config
2015-07-31 07:11:43 ----RD---- C:\Program Files (x86)\Skype
2015-07-30 18:16:33 ----D---- C:\Windows\Panther
2015-07-30 17:58:49 ----D---- C:\Windows\winsxs
2015-07-30 07:37:42 ----D---- C:\AdwCleaner
2015-07-30 07:37:35 ----RD---- C:\Program Files (x86)
2015-07-29 19:21:50 ----D---- C:\Windows\System32
2015-07-29 19:21:50 ----D---- C:\Windows\inf
2015-07-29 19:21:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-29 17:24:45 ----D---- C:\Windows\Prefetch
2015-07-29 17:17:15 ----SD---- C:\Windows\system32\CompatTel
2015-07-29 07:49:40 ----SHD---- C:\System Volume Information
2015-07-29 07:36:14 ----D---- C:\Windows\Logs
2015-07-29 07:30:25 ----D---- C:\Windows\SoftwareDistribution
2015-07-25 22:40:46 ----D---- C:\Windows\rescache
2015-07-25 18:45:13 ----SD---- C:\Windows\system32\GWX
2015-07-24 13:49:10 ----AD---- C:\Windows
2015-07-22 21:53:26 ----HD---- C:\ProgramData
2015-07-22 07:15:25 ----D---- C:\Windows\SysWOW64
2015-07-21 18:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-21 17:55:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-21 03:19:15 ----RD---- C:\Program Files
2015-07-16 21:12:11 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 21:12:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\system32\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 21:12:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-16 21:12:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 21:12:09 ----D---- C:\Windows\system32\en-US
2015-07-16 21:12:04 ----D---- C:\Program Files\Internet Explorer
2015-07-16 21:11:54 ----D---- C:\Windows\system32\drivers
2015-07-16 21:11:51 ----D---- C:\Windows\system32\wbem
2015-07-16 21:11:51 ----D---- C:\Windows\system32\appraiser
2015-07-16 21:11:51 ----D---- C:\Windows\AppPatch
2015-07-16 20:35:42 ----SHD---- C:\Windows\Installer
2015-07-16 20:35:42 ----SHD---- C:\Config.Msi
2015-07-16 20:29:43 ----D---- C:\Windows\system32\MRT
2015-07-16 20:20:02 ----D---- C:\Windows\debug
2015-07-15 21:43:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 17:03:09 ----D---- C:\Windows\system32\Tasks
2015-07-14 17:33:26 ----D---- C:\Program Files (x86)\Opera
2015-07-13 20:52:17 ----D---- C:\Users\ntb\AppData\Roaming\DAEMON Tools Lite
2015-07-12 20:29:49 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-07-12 20:20:21 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-07-12 20:20:14 ----D---- C:\Users\ntb\AppData\Roaming\4Media
2015-07-12 20:20:10 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\IrfanView
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\foobar2000
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\DVDVideoSoft
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\SAMSUNG Drivers Update Utility
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\R-TT
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Ulozto File Manager
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Thunderbird
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2015-07-12 20:19:15 ----D---- C:\Windows\system32\DriverStore
2015-07-12 20:19:14 ----D---- C:\Windows\Tasks
2015-07-12 20:19:14 ----D---- C:\Windows\registration
2015-07-10 19:51:53 ----D---- C:\Windows\SYSWOW64\drivers
2015-07-10 19:51:51 ----D---- C:\Program Files (x86)\Common Files
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 22:44:25 ----D---- C:\Windows\system32\catroot
2015-07-02 18:34:29 ----D---- C:\Windows\Microsoft.NET
2015-07-02 17:56:18 ----D---- C:\Program Files (x86)\Samsung
2015-07-02 17:10:51 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-07-12 381608]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-06-16 132656]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-11-24 28600]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-06-16 153256]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-04 44088]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHprint;Microsoft Bluetooth Printer Class; C:\Windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-12 30264]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2014-04-11 23552]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2014-04-11 79360]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2014-10-13 169288]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2014-10-13 21320]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2014-10-13 188232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-06-16 450808]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-06-16 450808]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-06-16 827184]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-06-16 1188360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-14 148080]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check.

#8 Post by Rudy »

Double-click the file C:\Program Files\trend micro\ntb.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkbox on the left next to:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.com/?win=160&clid=1989595
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

peter19500
Visitor
Visitor
Posts: 49
Registered: 11 Aug 2009 16:52

Re: Please check.

#9 Post by peter19500 »

To be on the safe side, I am posting the RSIT log.
Thank you very much for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by ntb at 2015-08-01 11:41:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 37 GB (15%) free of 238 GB
Total RAM: 3996 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:31, on 1. 8. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
C:\Program Files\trend micro\ntb.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\ATService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\AMT\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 11207 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\SysWOW64\svchost.exe -k Cognizance
C:\Windows\SysWOW64\svchost.exe -k Bioscrypt
"C:\Program Files\Fingerprint Sensor\ATService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\AMT\LMS.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
WLIDSvcM.exe 2784
"C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hewlett-Packard\IAM\bin\AsGHost.exe" -Embedding
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\DllHost.exe /Processid:{38E38285-D33D-40EB-9006-439225C54923}
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_00000830
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
taskeng.exe {ABD1F338-B2D8-4F63-85F7-E4196410D938}
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=4080
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=gpu-process --channel="4080.0.1461368489\886179303" --crash-reporter-pid=5248 --enable-mse-h264-support --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,22,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x9591 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.632.1.1000 --crash-reporter-pid=5248 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.2.1075958819\2126077230" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.3.1258450840\2023656303" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.4.920193486\1536164796" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.5.1826068233\392681297" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.7.1660077460\1518504308" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.8.355306433\1424135487" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.9.2132404836\1388996186" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.10.1419678050\551121204" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.11.29526837\1063889997" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.12.2140421506\1637318632" /prefetch:673131151
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=renderer --alt-high-dpi-setting=120 --system-dpi-setting=120 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=sk --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_209.dll" --ppapi-flash-version=18.0.0.209 --crash-reporter-pid=5248 --enable-mse-h264-support --device-scale-factor=1 --font-cache-shared-mem-suffix=4080 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4080.13.1613871082\99361977" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe" --type=ppapi --channel="4080.14.1614124817\170199559" --ppapi-flash-args --lang=sk --crash-reporter-pid=5248 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:-632637702

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\ntb\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\ntb\AppData\Roaming\Mozilla\Firefox\Profiles\mu6n94o6.default-1422558027457

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EA99306-BC87-4930-9E1D-1D1EA32A7E4E}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\bin\ItIEAddIn64.dll [2010-01-18 568064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2010-01-18 98560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-07-15 358936]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-03 2174760]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-04-28 1015104]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-30 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe [2015-04-28 1566016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2015-04-28 311616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2010-04-13 358456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-04-01 2007392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackUpdateChecker.lnk]
C:\Windows\SysWOW64\C2MP\UPDATE~1.EXE [2014-05-20 48688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"StartCCC"=c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"CognizanceTS"=C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll [2010-01-18 24832]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-08-13 137352]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-07-31 782008]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.ffds"=ff_vfw.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-01 11:41:29 ----D---- C:\rsit
2015-07-29 07:35:36 ----A---- C:\Windows\system32\generaltel.dll
2015-07-29 07:35:36 ----A---- C:\Windows\system32\devinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\invagent.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\appraiser.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\aeinv.dll
2015-07-29 07:35:35 ----A---- C:\Windows\system32\acmigration.dll
2015-07-29 07:35:34 ----A---- C:\Windows\system32\aepdu.dll
2015-07-29 07:35:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-22 21:53:26 ----D---- C:\ProgramData\GRETECH
2015-07-22 21:52:52 ----D---- C:\Users\ntb\AppData\Roaming\GRETECH
2015-07-22 21:52:24 ----D---- C:\Program Files (x86)\GRETECH
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 18:18:21 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 03:19:15 ----D---- C:\Program Files\Free FLV Player
2015-07-15 17:25:09 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 17:25:09 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wups.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:25:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:25:05 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 17:24:53 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 17:24:51 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 17:24:51 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 17:24:50 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 17:24:50 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 17:24:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 17:24:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 17:24:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 17:24:42 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 17:24:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 17:24:41 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 17:23:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:23:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 17:23:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 17:23:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 17:23:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:23:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 17:23:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 17:23:51 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 17:23:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 17:23:50 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 17:23:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 17:23:49 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 17:23:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 17:23:48 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 17:23:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:23:46 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 17:21:30 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 17:21:30 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-07-15 17:21:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-07-15 17:21:28 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 17:21:27 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-07-15 17:21:27 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 17:21:26 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 17:21:26 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 17:21:22 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 17:21:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 17:21:04 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 17:21:04 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 17:21:03 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 17:21:03 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 17:20:50 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\msi.dll
2015-07-15 17:20:50 ----A---- C:\Windows\system32\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 17:20:49 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\consent.exe
2015-07-15 17:20:49 ----A---- C:\Windows\system32\appinfo.dll
2015-07-12 18:53:11 ----D---- C:\Program Files (x86)\Disc Soft
2015-07-12 18:52:12 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2015-07-12 17:32:35 ----D---- C:\ProgramData\Canneverbe Limited
2015-07-12 17:32:20 ----D---- C:\Users\ntb\AppData\Roaming\Canneverbe Limited
2015-07-12 17:24:18 ----D---- C:\Users\ntb\AppData\Roaming\InfraRecorder
2015-07-10 20:37:19 ----SHD---- C:\$RECYCLE.BIN
2015-07-10 20:33:34 ----HD---- C:\$Windows.~BT
2015-07-10 19:35:12 ----D---- C:\Windows\erdnt
2015-07-10 19:34:53 ----SD---- C:\32788R22FWJFW
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewhnt.sys
2015-07-02 17:56:35 ----A---- C:\Windows\system32\drivers\sscewh.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscemdfl.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecmnt.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscecm.sys
2015-07-02 17:56:34 ----A---- C:\Windows\system32\drivers\sscebus.sys

======List of files/folders modified in the last 1 month======

2015-08-01 11:41:29 ----D---- C:\Windows\Temp
2015-08-01 11:41:29 ----D---- C:\Program Files\trend micro
2015-08-01 11:37:07 ----D---- C:\Windows\system32\config
2015-08-01 11:32:52 ----A---- C:\Windows\SYSWOW64\log.txt
2015-08-01 11:31:33 ----AD---- C:\Windows
2015-07-31 16:08:35 ----D---- C:\Windows\system32\drivers
2015-07-31 07:11:43 ----RD---- C:\Program Files (x86)\Skype
2015-07-30 18:16:33 ----D---- C:\Windows\Panther
2015-07-30 17:58:49 ----D---- C:\Windows\winsxs
2015-07-30 07:37:42 ----D---- C:\AdwCleaner
2015-07-30 07:37:35 ----RD---- C:\Program Files (x86)
2015-07-29 19:21:50 ----D---- C:\Windows\System32
2015-07-29 19:21:50 ----D---- C:\Windows\inf
2015-07-29 19:21:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-29 17:24:45 ----D---- C:\Windows\Prefetch
2015-07-29 17:17:15 ----SD---- C:\Windows\system32\CompatTel
2015-07-29 07:49:40 ----SHD---- C:\System Volume Information
2015-07-29 07:36:14 ----D---- C:\Windows\Logs
2015-07-29 07:30:25 ----D---- C:\Windows\SoftwareDistribution
2015-07-25 22:40:46 ----D---- C:\Windows\rescache
2015-07-25 18:45:13 ----SD---- C:\Windows\system32\GWX
2015-07-22 21:53:26 ----HD---- C:\ProgramData
2015-07-22 07:15:25 ----D---- C:\Windows\SysWOW64
2015-07-21 18:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-21 17:55:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-21 03:19:15 ----RD---- C:\Program Files
2015-07-16 21:12:11 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 21:12:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\system32\sk-SK
2015-07-16 21:12:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 21:12:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-16 21:12:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 21:12:09 ----D---- C:\Windows\system32\en-US
2015-07-16 21:12:04 ----D---- C:\Program Files\Internet Explorer
2015-07-16 21:11:51 ----D---- C:\Windows\system32\wbem
2015-07-16 21:11:51 ----D---- C:\Windows\system32\appraiser
2015-07-16 21:11:51 ----D---- C:\Windows\AppPatch
2015-07-16 20:35:42 ----SHD---- C:\Windows\Installer
2015-07-16 20:35:42 ----SHD---- C:\Config.Msi
2015-07-16 20:29:43 ----D---- C:\Windows\system32\MRT
2015-07-16 20:20:02 ----D---- C:\Windows\debug
2015-07-15 21:43:51 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 17:03:09 ----D---- C:\Windows\system32\Tasks
2015-07-14 17:33:26 ----D---- C:\Program Files (x86)\Opera
2015-07-13 20:52:17 ----D---- C:\Users\ntb\AppData\Roaming\DAEMON Tools Lite
2015-07-12 20:29:49 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2015-07-12 20:20:21 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-07-12 20:20:14 ----D---- C:\Users\ntb\AppData\Roaming\4Media
2015-07-12 20:20:10 ----SD---- C:\Users\ntb\AppData\Roaming\Microsoft
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\IrfanView
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\foobar2000
2015-07-12 20:20:10 ----D---- C:\Users\ntb\AppData\Roaming\DVDVideoSoft
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\SAMSUNG Drivers Update Utility
2015-07-12 20:20:04 ----D---- C:\Users\ntb\AppData\Roaming\R-TT
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\vlc
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Ulozto File Manager
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Thunderbird
2015-07-12 20:19:56 ----D---- C:\Users\ntb\AppData\Roaming\Skype
2015-07-12 20:19:15 ----D---- C:\Windows\system32\DriverStore
2015-07-12 20:19:14 ----D---- C:\Windows\Tasks
2015-07-12 20:19:14 ----D---- C:\Windows\registration
2015-07-10 19:51:53 ----D---- C:\Windows\SYSWOW64\drivers
2015-07-10 19:51:51 ----D---- C:\Program Files (x86)\Common Files
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 22:44:25 ----D---- C:\Windows\system32\catroot
2015-07-02 18:34:29 ----D---- C:\Windows\Microsoft.NET
2015-07-02 17:56:18 ----D---- C:\Program Files (x86)\Samsung
2015-07-02 17:10:51 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-03-05 55912]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2007-07-16 60160]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-03-05 15464]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-07-12 381608]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-29 50976]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-07-31 141416]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-11-24 28600]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-03-05 14952]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-02-25 252704]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-02-25 126752]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-08-13 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-07-31 162528]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-04 44088]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2009-06-25 67584]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2009-06-25 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2009-06-25 57856]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2010-03-01 549888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHprint;Microsoft Bluetooth Printer Class; C:\Windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 19000]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rismcx64;RICOH Smart Card Reader; C:\Windows\system32\DRIVERS\rismcx64.sys [2009-07-20 59008]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-10-09 1875624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-03 1379376]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-02-25 154912]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\E:\aida\kerneld.x64 []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-12 30264]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-01-31 94704]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 85320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2014-04-11 23552]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2014-04-11 79360]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2014-10-13 169288]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2014-10-13 21320]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2014-10-13 188232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-02-25 113952]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-07-31 461672]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-07-31 461672]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ATService;AuthenTec Fingerprint Service; C:\Program Files\Fingerprint Sensor\ATService.exe [2009-07-29 1841912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files (x86)\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-03-05 256616]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\AMT\LMS.exe [2009-07-15 174616]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-07-15 2058776]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-08-13 3596752]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-07-31 887128]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-07-31 1213072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 HP ProtectTools Service;HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2010-04-13 45056]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-14 148080]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-07 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#10 Post by Rudy »

The log is now OK. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
