
PC virus removal, computer speed-up, remote help via the neslape.cz service
Request for a log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service: a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, please check my log. I am dealing with serious trouble with the virus http://www.tr553.com.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-11 01:30:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 246 GB (53%) free of 461 GB
Total RAM: 3968 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:30:27, on 11.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Users\MARUSKA\Downloads\hijackthis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15796 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\system32\WLANExt.exe 24531904
\??\C:\Windows\system32\conhost.exe "-1474342529-650237756-1297800526-1842121780-1921991556-719684150-1630316898303407076
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxHK.exe
igfxTray.exe
"C:\Windows\system32\igfxEM.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe"
"C:\Users\MARUSKA\Downloads\hijackthis.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\MARUSKA\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{4c4d9eb1-ebbf-f504-ce9d-d438b5a57f2e}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-11 01:30:21 ----D---- C:\rsit
2015-09-11 01:12:59 ----D---- C:\17fd6c2ee78f638e2f02801e5a21a68f
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 09:32:10 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 09:32:10 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 09:32:10 ----A---- C:\Windows\system32\aepdu.dll
2015-08-12 09:32:09 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 09:32:09 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 09:32:09 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 09:32:08 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-08-12 09:32:08 ----A---- C:\Windows\system32\wksprt.exe
2015-08-12 09:32:08 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-12 09:31:57 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 09:31:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 09:31:49 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-12 09:31:33 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 09:27:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 09:27:26 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 09:27:25 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 09:27:25 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 09:27:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 09:27:21 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 09:27:21 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 09:27:19 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-12 09:27:18 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-08-12 09:27:09 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 09:27:09 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 09:27:09 ----A---- C:\Windows\notepad.exe
2015-08-12 09:27:05 ----A---- C:\Windows\system32\shell32.dll
2015-08-12 09:27:03 ----A---- C:\Windows\SYSWOW64\shell32.dll
======List of files/folders modified in the last 1 month======
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:22:33 ----D---- C:\Windows\Temp
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:21:03 ----D---- C:\Windows
2015-09-11 00:17:51 ----D---- C:\Windows\system32\config
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-11 00:10:01 ----D---- C:\Windows\SoftwareDistribution
2015-09-11 00:08:06 ----D---- C:\Windows\inf
2015-09-10 20:02:07 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:45:05 ----D---- C:\Windows\System32
2015-09-10 10:45:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:44:35 ----HD---- C:\ProgramData
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-10 10:11:40 ----SHD---- C:\System Volume Information
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 09:09:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-11 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-11 01:30:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 246 GB (53%) free of 461 GB
Total RAM: 3968 MB (28% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:30:27, on 11.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Users\MARUSKA\Downloads\hijackthis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15796 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\system32\WLANExt.exe 24531904
\??\C:\Windows\system32\conhost.exe "-1474342529-650237756-1297800526-1842121780-1921991556-719684150-1630316898303407076
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxHK.exe
igfxTray.exe
"C:\Windows\system32\igfxEM.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe"
"C:\Users\MARUSKA\Downloads\hijackthis.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\MARUSKA\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{4c4d9eb1-ebbf-f504-ce9d-d438b5a57f2e}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-11 01:30:21 ----D---- C:\rsit
2015-09-11 01:12:59 ----D---- C:\17fd6c2ee78f638e2f02801e5a21a68f
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 09:32:11 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 09:32:10 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 09:32:10 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 09:32:10 ----A---- C:\Windows\system32\aepdu.dll
2015-08-12 09:32:09 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 09:32:09 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 09:32:09 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 09:32:08 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-08-12 09:32:08 ----A---- C:\Windows\system32\wksprt.exe
2015-08-12 09:32:08 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-12 09:31:57 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 09:31:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 09:31:49 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-12 09:31:33 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 09:27:26 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 09:27:26 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 09:27:25 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 09:27:25 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 09:27:21 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 09:27:21 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 09:27:21 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 09:27:19 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-12 09:27:18 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-08-12 09:27:09 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 09:27:09 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 09:27:09 ----A---- C:\Windows\notepad.exe
2015-08-12 09:27:05 ----A---- C:\Windows\system32\shell32.dll
2015-08-12 09:27:03 ----A---- C:\Windows\SYSWOW64\shell32.dll
======List of files/folders modified in the last 1 month======
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:22:33 ----D---- C:\Windows\Temp
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:21:03 ----D---- C:\Windows
2015-09-11 00:17:51 ----D---- C:\Windows\system32\config
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-11 00:10:01 ----D---- C:\Windows\SoftwareDistribution
2015-09-11 00:08:06 ----D---- C:\Windows\inf
2015-09-10 20:02:07 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:45:05 ----D---- C:\Windows\System32
2015-09-10 10:45:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:44:35 ----HD---- C:\ProgramData
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-10 10:11:40 ----SHD---- C:\System Volume Information
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 09:09:48 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-11 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: request for a log check
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: request for a log check
Unfortunately, the action did not help. Mozilla still opens advertising windows on its own, and the firewall keeps reporting blocked connections to tr553.com and intext.nav-link.com.
Nevertheless, here is the log.
Thank you.
# AdwCleaner v5.007 - Logfile created 12/09/2015 at 23:52:41
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : MARUSKA - MARUSKA-HP
# Running from : C:\Users\MARUSKA\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
[-] Folder Deleted : C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\Extensions\staged\veggy@veggyAddon.com
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoomWebLists
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [934 bytes] ##########
- Rudy
- Site Admin

Re: request for a log check
Post a new RSIT log.
Re: request for a log check
Here it is. Thank you.
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-13 12:31:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (53%) free of 461 GB
Total RAM: 3968 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:43, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15702 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\system32\WLANExt.exe 26605840
\??\C:\Windows\system32\conhost.exe "8448299061467445915-2035133827-1245801121-5984632321133237474-2946554391389752303
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C1].txt
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
igfxHK.exe
igfxTray.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-Minimized
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "84015204-2144375690-727927596-1328725240-615292539-2113008738653381497330325102
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8987dae7-8422-47e8-adb2-c14160cfddf9 -SystemEventPortName:HostProcess-f7495f1a-be0c-4ada-ae51-21632bc445eb -IoCancelEventPortName:HostProcess-dfad8f51-6089-4fd1-8272-3d6b02e8d3ab -NonStateChangingEventPortName:HostProcess-99b377ec-9c30-4870-91cf-7c438c12b71b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6c92852e-95a4-4eda-a265-028507c472a0 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
wmiadap.exe /R /T
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
staged
{4c4d9eb1-ebbf-f504-ce9d-d438b5a57f2e}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-11 01:30:21 ----D---- C:\rsit
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
======List of files/folders modified in the last 1 month======
2015-09-13 12:29:44 ----D---- C:\Windows\Temp
2015-09-13 12:19:45 ----D---- C:\Windows\inf
2015-09-13 12:16:37 ----D---- C:\Windows
2015-09-13 00:02:03 ----D---- C:\Windows\System32
2015-09-13 00:02:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-12 23:59:14 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 23:56:36 ----D---- C:\Windows\system32\config
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 23:50:39 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 09:47:43 ----D---- C:\Windows\Panther
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-13 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-13 12:31:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (53%) free of 461 GB
Total RAM: 3968 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:31:43, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15702 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\system32\WLANExt.exe 26605840
\??\C:\Windows\system32\conhost.exe "8448299061467445915-2035133827-1245801121-5984632321133237474-2946554391389752303
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C1].txt
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
igfxHK.exe
igfxTray.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-Minimized
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "84015204-2144375690-727927596-1328725240-615292539-2113008738653381497330325102
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8987dae7-8422-47e8-adb2-c14160cfddf9 -SystemEventPortName:HostProcess-f7495f1a-be0c-4ada-ae51-21632bc445eb -IoCancelEventPortName:HostProcess-dfad8f51-6089-4fd1-8272-3d6b02e8d3ab -NonStateChangingEventPortName:HostProcess-99b377ec-9c30-4870-91cf-7c438c12b71b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6c92852e-95a4-4eda-a265-028507c472a0 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
wmiadap.exe /R /T
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
staged
{4c4d9eb1-ebbf-f504-ce9d-d438b5a57f2e}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-11 01:30:21 ----D---- C:\rsit
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
======List of files/folders modified in the last 1 month======
2015-09-13 12:29:44 ----D---- C:\Windows\Temp
2015-09-13 12:19:45 ----D---- C:\Windows\inf
2015-09-13 12:16:37 ----D---- C:\Windows
2015-09-13 00:02:03 ----D---- C:\Windows\System32
2015-09-13 00:02:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-12 23:59:14 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 23:56:36 ----D---- C:\Windows\system32\config
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 23:50:39 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 09:47:43 ----D---- C:\Windows\Panther
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-13 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check my log
Unfortunately the system behaves the same; the problem is not solved. Windows still keep opening by themselves in Mozilla, and the anti-malware software keeps showing that it is blocking something. Here is the RSIT log. Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-13 22:20:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (53%) free of 461 GB
Total RAM: 3968 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:40, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15682 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24737616
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-4945634083657607110754114651085091494150652352-141841320416567097331629743797
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {1DEAFE58-CACB-46DA-ACB2-80B1821B1717}
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
igfxHK.exe
igfxTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4ab6d914-ff30-47b6-b3de-472fa900c2f2 -SystemEventPortName:HostProcess-c7a4e53a-1450-4c80-9c2f-e4d5b955187a -IoCancelEventPortName:HostProcess-9bf9864d-4d1a-47e0-ba98-ee7284252da1 -NonStateChangingEventPortName:HostProcess-2a911852-182d-4452-80e1-051e58321481 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:60a5093b-a3e5-4422-a9f7-b2ccd109b133 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
taskeng.exe {4B0E2E29-8F0A-4CE3-91D5-777430C89824}
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{4066cf06-1058-7f90-be31-2d3c1b4800b1}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-13 22:06:52 ----D---- C:\_OTM
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-11 01:30:21 ----D---- C:\rsit
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
======List of files/folders modified in the last 1 month======
2015-09-13 22:20:19 ----D---- C:\Windows\SoftwareDistribution
2015-09-13 22:20:19 ----D---- C:\Windows
2015-09-13 22:20:18 ----D---- C:\Windows\Temp
2015-09-13 22:19:07 ----D---- C:\Windows\system32\config
2015-09-13 22:11:54 ----D---- C:\Windows\inf
2015-09-13 12:33:47 ----D---- C:\Windows\System32
2015-09-13 12:33:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 23:50:39 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 09:47:43 ----D---- C:\Windows\Panther
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-13 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-13 22:20:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (53%) free of 461 GB
Total RAM: 3968 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:40, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15682 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 24737616
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-4945634083657607110754114651085091494150652352-141841320416567097331629743797
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {1DEAFE58-CACB-46DA-ACB2-80B1821B1717}
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"taskhost.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
igfxHK.exe
igfxTray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4ab6d914-ff30-47b6-b3de-472fa900c2f2 -SystemEventPortName:HostProcess-c7a4e53a-1450-4c80-9c2f-e4d5b955187a -IoCancelEventPortName:HostProcess-9bf9864d-4d1a-47e0-ba98-ee7284252da1 -NonStateChangingEventPortName:HostProcess-2a911852-182d-4452-80e1-051e58321481 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:60a5093b-a3e5-4422-a9f7-b2ccd109b133 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
taskeng.exe {4B0E2E29-8F0A-4CE3-91D5-777430C89824}
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{4066cf06-1058-7f90-be31-2d3c1b4800b1}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-13 22:06:52 ----D---- C:\_OTM
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-11 01:30:21 ----D---- C:\rsit
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
======List of files/folders modified in the last 1 month======
2015-09-13 22:20:19 ----D---- C:\Windows\SoftwareDistribution
2015-09-13 22:20:19 ----D---- C:\Windows
2015-09-13 22:20:18 ----D---- C:\Windows\Temp
2015-09-13 22:19:07 ----D---- C:\Windows\system32\config
2015-09-13 22:11:54 ----D---- C:\Windows\inf
2015-09-13 12:33:47 ----D---- C:\Windows\System32
2015-09-13 12:33:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 23:50:39 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 09:47:43 ----D---- C:\Windows\Panther
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-13 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Double-click the file C:\Program Files\trend micro\MARUSKA.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDFJS
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: please check my log
Done. No change, though... Here is the new RSIT. Thank you.
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-13 23:01:40
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (53%) free of 461 GB
Total RAM: 3968 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:01:46, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AcroDist.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15440 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 25684816
\??\C:\Windows\system32\conhost.exe "293604714-13751923963909415131466932520-376159700-1468564960-1286070293190997500
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {79DE5CC9-9453-4D6B-95C2-39E66BF975A1}
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
taskeng.exe {93BA0ED1-F0D8-45A3-8C57-46D4389EE61C}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /AUTO /uac
/N /P --UseSystemFonts /Q:15
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
taskeng.exe {4291C924-8442-46DF-84EA-57E009A7B8EF}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\System32\mobsync.exe -Embedding
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{4066cf06-1058-7f90-be31-2d3c1b4800b1}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-13 23:01:40 ----D---- C:\rsit
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
======List of files/folders modified in the last 1 month======
2015-09-13 23:01:44 ----D---- C:\Windows\Temp
2015-09-13 23:01:42 ----D---- C:\Windows\SoftwareDistribution
2015-09-13 23:01:42 ----D---- C:\Windows
2015-09-13 23:01:14 ----D---- C:\Windows\system32\config
2015-09-13 23:00:56 ----D---- C:\Windows\inf
2015-09-13 12:33:47 ----D---- C:\Windows\System32
2015-09-13 12:33:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 23:50:39 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:46:45 ----D---- C:\Windows\Panther
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-13 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-13 23:01:40
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 245 GB (53%) free of 461 GB
Total RAM: 3968 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:01:46, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AcroDist.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15440 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 25684816
\??\C:\Windows\system32\conhost.exe "293604714-13751923963909415131466932520-376159700-1468564960-1286070293190997500
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {79DE5CC9-9453-4D6B-95C2-39E66BF975A1}
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
taskeng.exe {93BA0ED1-F0D8-45A3-8C57-46D4389EE61C}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /AUTO /uac
/N /P --UseSystemFonts /Q:15
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
taskeng.exe {4291C924-8442-46DF-84EA-57E009A7B8EF}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\System32\mobsync.exe -Embedding
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{4066cf06-1058-7f90-be31-2d3c1b4800b1}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-13 23:01:40 ----D---- C:\rsit
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-14 21:13:14 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:13:14 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
======List of files/folders modified in the last 1 month======
2015-09-13 23:01:44 ----D---- C:\Windows\Temp
2015-09-13 23:01:42 ----D---- C:\Windows\SoftwareDistribution
2015-09-13 23:01:42 ----D---- C:\Windows
2015-09-13 23:01:14 ----D---- C:\Windows\system32\config
2015-09-13 23:00:56 ----D---- C:\Windows\inf
2015-09-13 12:33:47 ----D---- C:\Windows\System32
2015-09-13 12:33:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 23:50:39 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:46:45 ----D---- C:\Windows\Panther
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:45:59 ----A---- C:\Windows\Sandboxie.ini
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 21:11:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-14 21:11:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-13 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
S2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
S3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Restart the PC. Then run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: please check my log
Here are the logs from Anti-Malware…. It's taking a while, I apologize. It's not my computer.
Nothing can be read from them, though, because it found nothing. Unfortunately the problem persists…
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 15.9.2015
Čas skenování: 11:40
Protokol: scan _ 1509.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.15.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: MARUSKA
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 377252
Uplynulý čas: 10 min, 50 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
-------------
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 15.9.2015
Čas skenování: 10:23
Protokol: scan _ 1509_02.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.15.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: MARUSKA
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 377268
Uplynulý čas: 15 min, 7 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: please check the log
Just to be sure, I am sending the RSIT log again. With your help we removed some of the vermin, thank you. Unfortunately the worst part remains: Mozilla still opens advertising windows on its own, and the firewall keeps reporting on its own that it is blocking connections to tr553.com and intext.nav-links.com. I found something on the net, but honestly it strikes me more as bait for installing yet more junk…
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-15 16:35:50
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 241 GB (52%) free of 461 GB
Total RAM: 3968 MB (11% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:15, on 15.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Autodesk\AutoCAD 2013\AdExchange\AcBrowserHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15390 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25592624
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-710839300-12823261381076397167-1124299135727019710-769629334-1285298321559273869
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
igfxHK.exe
igfxTray.exe
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Autodesk\AutoCAD 2013\acad.exe" "C:\Users\MARUSKA\Documents\==PRÁCE==\FILM\2015\04_Underworld\SET DEC\lednice na krev\lednice na krev_20150910.dwg"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\\WSCommCntr4.exe" -Embedding
49664
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\ProgramData\ASGVIS\Common\x64\vc101\Distributed Rendering\XMLDRSpawner.exe"
\??\C:\Windows\system32\conhost.exe "-2058975755-216396067-1335707977-1687860906-1450884532-1491094593779598750-185063994
"C:\Program Files\SketchUp\SketchUp 2015\SketchUp.exe" "C:\Users\MARUSKA\Documents\==PRÁCE==\FILM\2015\04_Underworld\SET DEC\lednice na krev\lednice na krev.skp"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{d2943a16-3909-ef6d-f7b2-6ac28958e68d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-15 16:35:50 ----D---- C:\rsit
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
======List of files/folders modified in the last 1 month======
2015-09-15 16:25:40 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-15 16:01:17 ----D---- C:\Windows\Temp
2015-09-15 12:57:33 ----D---- C:\Windows
2015-09-15 10:32:28 ----D---- C:\Windows\System32
2015-09-15 10:32:28 ----D---- C:\Windows\inf
2015-09-15 10:32:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 10:04:28 ----D---- C:\Program Files\Adobe
2015-09-15 10:04:25 ----D---- C:\Program Files\Common Files\Adobe
2015-09-14 20:51:50 ----D---- C:\Windows\system32\config
2015-09-14 09:02:33 ----A---- C:\Windows\Sandboxie.ini
2015-09-13 23:03:48 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:46:45 ----D---- C:\Windows\Panther
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-15 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by MARUSKA at 2015-09-15 16:35:50
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 241 GB (52%) free of 461 GB
Total RAM: 3968 MB (11% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:15, on 15.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Autodesk\AutoCAD 2013\AdExchange\AcBrowserHost.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\MARUSKA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15390 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
winlogon.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Sandboxie\SbieSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SC
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25592624
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-710839300-12823261381076397167-1124299135727019710-769629334-1285298321559273869
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe"
C:\Windows\system32\HPSIsvc.exe
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
igfxHK.exe
igfxTray.exe
"C:\Program Files\Sandboxie\SbieCtrl.exe"
"C:\Windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe"
"C:\Program Files (x86)\Realtek\REALTEK Bluetooth\SkypePlugin.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\MARUSKA\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun -peruser
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Autodesk\AutoCAD 2013\acad.exe" "C:\Users\MARUSKA\Documents\==PRÁCE==\FILM\2015\04_Underworld\SET DEC\lednice na krev\lednice na krev_20150910.dwg"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\\WSCommCntr4.exe" -Embedding
49664
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\ProgramData\ASGVIS\Common\x64\vc101\Distributed Rendering\XMLDRSpawner.exe"
\??\C:\Windows\system32\conhost.exe "-2058975755-216396067-1335707977-1687860906-1450884532-1491094593779598750-185063994
"C:\Program Files\SketchUp\SketchUp 2015\SketchUp.exe" "C:\Users\MARUSKA\Documents\==PRÁCE==\FILM\2015\04_Underworld\SET DEC\lednice na krev\lednice na krev.skp"
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\MARUSKA\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForMARUSKA.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForMARUSKA (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\digitalpersona.com/ChromeDPAgent]
"Description"=
"Path"=c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\
veggy@veggyAddon.com
{d2943a16-3909-ef6d-f7b2-6ac28958e68d}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-10 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
HP File Sanitizer - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-02-05 129240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-10 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-04-16 7574896]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-03 2863344]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2012-02-05 415680]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-01 36352]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]
"SandboxieControl"=C:\Program Files\Sandboxie\SbieCtrl.exe [2015-06-23 787592]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2014-04-01 419512]
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2014-04-10 185144]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]
"AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [2014-04-01 126240]
"YouCam Tray"=c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [2013-09-17 167488]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"HP File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2014-02-05 2213592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-08-14 39175960]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-09-05 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2015-09-07 523144]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-10 6111824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ISCTSystray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-09-15 16:35:50 ----D---- C:\rsit
2015-09-12 23:51:08 ----D---- C:\AdwCleaner
2015-09-11 01:30:22 ----D---- C:\Program Files\trend micro
2015-09-10 10:45:18 ----D---- C:\Users\MARUSKA\AppData\Roaming\AVAST Software
2015-09-10 10:44:53 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-10 10:44:35 ----D---- C:\ProgramData\Malwarebytes
2015-09-10 10:44:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-10 10:44:35 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-10 10:17:22 ----D---- C:\Program Files (x86)\Google
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-09-10 10:17:09 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-09-10 10:17:07 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-10 10:17:02 ----A---- C:\Windows\avastSS.scr
2015-09-10 10:11:42 ----D---- C:\Program Files\AVAST Software
2015-09-10 10:11:05 ----D---- C:\ProgramData\AVAST Software
2015-09-09 09:44:43 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:44:42 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:44:38 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:44:22 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:44:22 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:44:08 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:44:08 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:44:07 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:44:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:44:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:44:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:44:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:44:03 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:44:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:44:02 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:44:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:44:01 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:44:01 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:44:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:44:00 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:43:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:43:59 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:43:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:43:58 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:43:57 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:43:57 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:43:56 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:43:55 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:43:54 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:41:16 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:41:16 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:41:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:41:15 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:41:14 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:41:14 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:41:14 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:41:13 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:41:13 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:41:13 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:41:12 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:41:12 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:11 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:41:11 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:41:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:10 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:41:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:41:09 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:41:09 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:41:08 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:40:39 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:40:38 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:40:38 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:40:13 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:40:13 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:40:12 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:39:59 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:39:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:39:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:39:56 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:39:56 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:38:55 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:38:54 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:38:50 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:38:50 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:38:49 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:38:49 ----A---- C:\Windows\system32\WinSetupUI.dll
======List of files/folders modified in the last 1 month======
2015-09-15 16:25:40 ----D---- C:\Users\MARUSKA\AppData\Roaming\Skype
2015-09-15 16:01:17 ----D---- C:\Windows\Temp
2015-09-15 12:57:33 ----D---- C:\Windows
2015-09-15 10:32:28 ----D---- C:\Windows\System32
2015-09-15 10:32:28 ----D---- C:\Windows\inf
2015-09-15 10:32:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 10:04:28 ----D---- C:\Program Files\Adobe
2015-09-15 10:04:25 ----D---- C:\Program Files\Common Files\Adobe
2015-09-14 20:51:50 ----D---- C:\Windows\system32\config
2015-09-14 09:02:33 ----A---- C:\Windows\Sandboxie.ini
2015-09-13 23:03:48 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 23:52:42 ----HD---- C:\ProgramData
2015-09-12 19:33:20 ----SHD---- C:\System Volume Information
2015-09-11 10:46:45 ----D---- C:\Windows\Panther
2015-09-11 10:37:38 ----HD---- C:\$Windows.~BT
2015-09-11 01:30:22 ----RD---- C:\Program Files
2015-09-11 01:12:45 ----D---- C:\Windows\system32\Tasks
2015-09-11 00:49:21 ----SHD---- C:\Windows\Installer
2015-09-11 00:49:21 ----D---- C:\Windows\Tasks
2015-09-11 00:32:22 ----D---- C:\Windows\system32\NDF
2015-09-11 00:16:34 ----D---- C:\Program Files (x86)\Opera
2015-09-11 00:16:00 ----D---- C:\Users\MARUSKA\AppData\Roaming\Opera Software
2015-09-10 11:15:45 ----D---- C:\Windows\system32\drivers
2015-09-10 11:15:45 ----D---- C:\Windows\IME
2015-09-10 11:03:40 ----D---- C:\Program Files\WinRAR
2015-09-10 10:59:00 ----D---- C:\Windows\Prefetch
2015-09-10 10:44:35 ----RD---- C:\Program Files (x86)
2015-09-10 10:26:48 ----SHD---- C:\$RECYCLE.BIN
2015-09-10 10:17:08 ----D---- C:\Windows\winsxs
2015-09-09 15:32:21 ----D---- C:\Windows\Microsoft.NET
2015-09-09 15:28:24 ----RSD---- C:\Windows\assembly
2015-09-09 13:11:14 ----D---- C:\Windows\debug
2015-09-09 13:05:04 ----D---- C:\Windows\SysWOW64
2015-09-09 13:05:04 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:05:03 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:05:03 ----D---- C:\Windows\ehome
2015-09-09 13:05:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:05:02 ----D---- C:\Windows\system32\en-US
2015-09-09 13:05:02 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:05:01 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:04:59 ----D---- C:\Windows\AppPatch
2015-09-09 13:04:56 ----D---- C:\Windows\system32\Boot
2015-09-09 13:02:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:32:12 ----D---- C:\Windows\system32\catroot2
2015-09-01 11:02:31 ----D---- C:\Program Files (x86)\Dropbox
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-26 08:51:49 ----D---- C:\Windows\Minidump
2015-08-17 16:36:10 ----D---- C:\Windows\rescache
2015-08-17 08:50:00 ----SD---- C:\Windows\system32\CompatTel
2015-08-17 08:49:59 ----D---- C:\Windows\system32\appraiser
2015-08-17 08:49:57 ----D---- C:\Windows\system32\drivers\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-10 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-10 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\drivers\hpdskflt.sys [2013-07-23 30520]
R0 iaStorA;iaStorA; C:\Windows\system32\drivers\iaStorA.sys [2015-05-29 646408]
R0 iaStorF;iaStorF; C:\Windows\system32\drivers\iaStorF.sys [2015-05-29 30960]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\drivers\iusb3hcs.sys [2014-08-25 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PinFile;PinFile; C:\Windows\system32\DRIVERS\PinFile.sys [2014-02-04 49856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SDDisk2K;SDDisk2K; C:\Windows\system32\DRIVERS\SDDisk2K.sys [2014-02-04 228544]
R0 SDDToki;SDDToki; C:\Windows\system32\DRIVERS\SDDToki.sys [2014-02-04 131264]
R0 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-10 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-10 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-10 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2011-12-27 90608]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-10 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-10 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-10 150672]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\drivers\Accelerometer.sys [2013-07-23 43320]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2013-12-04 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-11 3729920]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-09 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-09 21920]
R3 INETMON;INETMON; \??\C:\windows\System32\Drivers\INETMON.sys [2013-08-08 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-04-16 3933144]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\drivers\ISCTD64.sys [2013-08-08 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-15 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\drivers\TeeDriverx64.sys [2013-12-10 100312]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2014-04-01 552448]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-03-28 918232]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-11-17 3603672]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys [2015-06-23 190088]
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2014-03-13 1519520]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2015-07-03 580336]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2013-12-04 552960]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv64.sys [2013-10-07 65752]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HP1210FAX;HP1210MFP FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [2012-11-07 16896]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target; C:\Windows\system32\drivers\RtkAvrcp.sys [2012-12-28 61152]
S3 RTSPER;Realtek PCIE Card Reader - PER; C:\Windows\system32\DRIVERS\RtsPer.sys [2014-03-21 476888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SmbDrv;SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [2014-04-08 30448]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [2014-04-08 31472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-12-04 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2015-09-07 1136520]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-10 146600]
R2 AvrcpService;AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [2013-05-07 35328]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-03-06 88064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CtAgentService;Absolute Software Agent Service; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-03-31 7168]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2014-04-04 500048]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HpDamServiceHost;HP Device Access Manager Usage Service; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
R2 HPFSService;HP File Sanitizer; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-02-05 1758936]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 362296]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2013-07-23 43320]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-05-22 18672]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-03-11 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-12-10 131544]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-09-07 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-08 290520]
R2 RtkBleServ;RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [2013-04-26 42496]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2015-06-23 175752]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2013-09-12 3221392]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2014-09-05 209408]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-07-22 1357104]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2014-04-10 1448248]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2014-01-06 1243320]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-03-11 279000]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-20 134512]
S3 FLCDLOCK;HP Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-12 148136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please check my log
Try running Zoek:
Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to your desktop.
If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce).
Paste the script below into the window:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please check my log
I'm sending the log and hooray, it seems it has stopped!!!
Thank you
Zoek.exe v5.0.0.0 Updated 15-09-2015
Tool run by MARUSKA on st 16.09.2015 at 0:43:50,52.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MARUSKA\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2015-09-15-165304.log 422 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\MARUSKA\AppData\Roaming\Opera Software deleted successfully
C:\Users\MARUSKA\AppData\Local\CrashDumps deleted successfully
C:\Users\MARUSKA\AppData\Local\Opera Software deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.cz/");
Added to C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\prefs.js:
==== Deleting Files \ Folders ======================
C:\PROGRA~3\hpdam_install_log.txt deleted
C:\PROGRA~3\HPFileSanitizer_Install_Log.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\MARUSKA\AppData\Local\BTServer.log deleted
C:\Users\MARUSKA\AppData\Local\cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default\extensions\{d2943a16-3909-ef6d-f7b2-6ac28958e68d} deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10.09.2015 10:17]
==== Firefox Extensions ======================
ProfilePath: C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\MARUSKA\AppData\Roaming\Mozilla\Firefox\Profiles\3mcq3ydp.default
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[10.09.2015 10:16]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[10.09.2015 10:16]
ncffjdbbodifgldkcbhmiiljfcnbgjab - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx[29.03.2014 01:54]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... c=CMNTDFJS"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Q4R2UWO will be deleted at reboot
C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4ZN3JCKN will be deleted at reboot
C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\74EMB1ZK will be deleted at reboot
C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1Y956JS will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=185 folders=30 311296584 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MARUSKA\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\MARUSKA\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1Q4R2UWO" not found
"C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4ZN3JCKN" not found
"C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\74EMB1ZK" not found
"C:\Users\MARUSKA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1Y956JS" not found
==== EOF on st 16.09.2015 at 1:28:33,37 ======================
- Rudy
- Site Admin

Re: please check my log
Everything has been deleted.