Dobrý den,
prosím o kontrolu logu. Po nastartování PC asi 3 minuty nefunguje myš. Pak se to nějak rozběhne. Ne že by nešla, ale levé tlačítko je pravé a občas nereaguje. Po uplynutí nějaké doby vše OK. Děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by d at 2015-09-13 12:34:24
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 11 GB (13%) free of 82 GB
Total RAM: 4022 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:34:29, on 13.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\d.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: VideoBrowser Camera Monitor.lnk = C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 9942 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 25171024
\??\C:\Windows\system32\conhost.exe "1178089835182535692712847672382042351645-1645656262-357554136-1741850305-543761062
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\DellTPad\Apoint.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe"
\??\C:\Windows\system32\conhost.exe "-1021995617-27057881387737079-18247351451535521498536274816-919368100392006411
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe "522531624-1395184021-131588997110413637851875844091297481792-14474306941090333664
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-06408a8d-9bc0-4762-9f33-5246666cfe3b -SystemEventPortName:HostProcess-1f8a219b-f520-4fc6-90d4-87dd5a88bf04 -IoCancelEventPortName:HostProcess-3b6a215a-f70b-4117-adc0-904eae6febc5 -NonStateChangingEventPortName:HostProcess-c5d19f9e-1285-49d2-a8b9-bb3ab2b91db8 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3a4c1610-eefe-454a-a360-16e983cbb6fc -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {0697DC66-A456-4219-AB0B-39E095E5A2F5}
"D:\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\extensions\
ffxtlbr@zonealarm.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\
default-search.xml
funmoods.xml
zonealarm.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13 75592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-28 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-28 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13 63304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13 454472]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13 206152]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 611192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-08-17 487424]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-07-25 686704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-09-05 2722080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2014-08-01 49976]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoBrowser Camera Monitor.lnk - C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-13 12:34:24 ----D---- C:\rsit
2015-09-13 12:34:24 ----D---- C:\Program Files\trend micro
2015-09-12 22:38:03 ----RD---- C:\Program Files (x86)\Skype
2015-09-09 13:50:42 ----D---- C:\Windows\rescache
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 09:28:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:28:43 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:23:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:23:49 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:23:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:23:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:23:39 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:23:22 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:23:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:23:10 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:23:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:23:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:23:02 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:00:15 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-09-08 21:10:14 ----A---- C:\RTF.TXT
2015-09-06 09:07:56 ----D---- C:\Tale of Tales 2015 1080p BRRip x264 DTS-JYK
2015-08-28 07:46:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-13 12:34:26 ----D---- C:\Windows\Temp
2015-09-13 12:34:24 ----RD---- C:\Program Files
2015-09-13 12:20:15 ----D---- C:\Windows\System32
2015-09-13 12:20:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-13 12:16:02 ----D---- C:\Windows\system32\config
2015-09-13 12:15:44 ----D---- C:\ProgramData\NVIDIA
2015-09-12 22:38:12 ----D---- C:\Users\d\AppData\Roaming\Skype
2015-09-12 22:38:07 ----SHD---- C:\Windows\Installer
2015-09-12 22:38:07 ----HD---- C:\Config.Msi
2015-09-12 22:38:03 ----RD---- C:\Program Files (x86)
2015-09-12 22:38:03 ----D---- C:\Program Files (x86)\Common Files
2015-09-12 22:38:02 ----D---- C:\Windows\SysWOW64
2015-09-12 22:38:02 ----D---- C:\ProgramData\Skype
2015-09-12 22:36:25 ----D---- C:\Program Files (x86)\Adobe
2015-09-12 22:33:45 ----SD---- C:\Users\d\AppData\Roaming\Microsoft
2015-09-12 21:16:39 ----D---- C:\Windows\inf
2015-09-12 21:16:24 ----D---- C:\Windows
2015-09-12 21:14:52 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 21:14:36 ----D---- C:\Windows\debug
2015-09-12 21:14:10 ----D---- C:\Program Files\CCleaner
2015-09-09 13:20:42 ----D---- C:\Windows\Microsoft.NET
2015-09-09 13:04:02 ----RSD---- C:\Windows\assembly
2015-09-09 12:55:01 ----D---- C:\Windows\winsxs
2015-09-09 12:54:08 ----D---- C:\Program Files\Windows Journal
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\system32\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 12:54:07 ----D---- C:\Windows\ehome
2015-09-09 12:54:07 ----D---- C:\Program Files\Internet Explorer
2015-09-09 12:54:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 12:54:05 ----D---- C:\Windows\system32\drivers
2015-09-09 12:54:05 ----D---- C:\Windows\system32\Boot
2015-09-09 12:54:05 ----D---- C:\Windows\AppPatch
2015-09-09 10:22:29 ----D---- C:\Windows\system32\MRT
2015-09-09 09:22:52 ----D---- C:\Windows\system32\catroot2
2015-09-08 19:42:15 ----D---- C:\Users\d\AppData\Roaming\uTorrent
2015-09-07 19:46:44 ----D---- C:\Users\d\AppData\Roaming\vlc
2015-09-02 18:17:42 ----D---- C:\Windows\twain_32
2015-08-29 07:34:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-17 20:23:37 ----D---- C:\HERE 2015 Q1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 hotcore3;hotcore3; C:\Windows\SysWOW64\drivers\hotcore3.sys [2007-03-07 35096]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-20 115152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-11-22 198944]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 368464]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 4719680]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2010-08-24 38440]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2010-04-06 301232]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-08-17 515584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-03-11 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2010-08-17 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-01-31 1035680]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-01-31 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2014-11-22 8192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-09-05 1290016]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-08-17 263168]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-15 2233400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
špatná funkce myši
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Zdravím!
Zkuste se v ovl. panelech podívat na nastavení myši, příp. upravte. Pokud to nepomůže, na zkoušku myš vyměňte. Tento problém často bývá hardwarový.
Zkuste se v ovl. panelech podívat na nastavení myši, příp. upravte. Pokud to nepomůže, na zkoušku myš vyměňte. Tento problém často bývá hardwarový.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Já zapoměl uvést, že to dělá i touchpad, ikdyž není připojena myš... Je log OK? Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Aha, to je jiná. Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Díky a dále přikládám log. Co nyní?
# AdwCleaner v5.007 - Logfile created 13/09/2015 at 21:35:25
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : d - EVCA-PC
# Running from : C:\Users\d\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\SupTab
[-] Folder Deleted : C:\Program Files (x86)\Techgile
[-] Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\ProgramData\IePluginServices
[-] Folder Deleted : C:\ProgramData\smdmf
[-] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Users\d\Appdata\LocalLow\Funmoods
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\FirefoxToolbar
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Systweak
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Check Point Software Technologies LTD
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\Extensions\ffxtlbr@zonealarm.com
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\invalidprefs.js
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\default-search.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\funmoods.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\zonealarm.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\user.js
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe
[-] File Deleted : C:\Windows\Sysnative\drivers\{b858b34e-1976-4315-9009-36b04b2970ef}Gw64.sys
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : ASP
[-] Task Deleted : LaunchSignup
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\SmdmF
[-] Key Deleted : HKCU\Software\SupHpUISoft
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\CoinisRS
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SupTab
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[!] Key Not Deleted : [x64] HKCU\Software\Myfree Codec
[!] Key Not Deleted : [x64] HKCU\Software\SmdmF
[!] Key Not Deleted : [x64] HKCU\Software\SupHpUISoft
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\CoinisRS
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D7A47055-152E-4DEC-89B8-CEBDCCA886D4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D7A47055-152E-4DEC-89B8-CEBDCCA886D4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : HKU\S-1-5-21-3466688151-3585226628-1859684501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKU\S-1-5-21-3466688151-3585226628-1859684501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : HKU\S-1-5-21-3466688151-3585226628-1859684501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D7A47055-152E-4DEC-89B8-CEBDCCA886D4}
***** [ Web browsers ] *****
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.aflt", "ddrnw");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.hmpg", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ddrnw");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.id", "6c34251d00000000000078e40083f071");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.instlDay", "16416");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.instlRef", "");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.newTab", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ddrnw");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q=");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1619:06:02");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=f69edd83e6854902a04425f794190642&tu=10Gpy00H22D30q0&sku=&tstsId=&ver=&");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&gu=0c99c43f6f09455d95c5d6d6e1ccfc6b&tu=10Gpy00HX2D30q0&sku=&tstsId=&ver=&&q=");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=EN&gu=f69edd83e6854902a04425f794190642&tu=10Gpy00H22D30q0&sku=&tstsId=&ver=&");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=0c99c43f6f09455d95c5d6d6e1ccfc6b&tu=10Gpy00HX2D30q0&sku=&tstsId=&ver=&&q=");
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15630 bytes] ##########
# AdwCleaner v5.007 - Logfile created 13/09/2015 at 21:35:25
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : d - EVCA-PC
# Running from : C:\Users\d\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\SupTab
[-] Folder Deleted : C:\Program Files (x86)\Techgile
[-] Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\ProgramData\IePluginServices
[-] Folder Deleted : C:\ProgramData\smdmf
[-] Folder Deleted : C:\ProgramData\WindowsMangerProtect
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Users\d\Appdata\LocalLow\Funmoods
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\FirefoxToolbar
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Systweak
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Check Point Software Technologies LTD
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\Extensions\ffxtlbr@zonealarm.com
[-] Folder Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\invalidprefs.js
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\default-search.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\funmoods.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\searchplugins\zonealarm.xml
[-] File Deleted : C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\user.js
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe
[-] File Deleted : C:\Windows\Sysnative\drivers\{b858b34e-1976-4315-9009-36b04b2970ef}Gw64.sys
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : ASP
[-] Task Deleted : LaunchSignup
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
[-] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\SmdmF
[-] Key Deleted : HKCU\Software\SupHpUISoft
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\CoinisRS
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SupTab
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[!] Key Not Deleted : [x64] HKCU\Software\Myfree Codec
[!] Key Not Deleted : [x64] HKCU\Software\SmdmF
[!] Key Not Deleted : [x64] HKCU\Software\SupHpUISoft
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\CoinisRS
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D7A47055-152E-4DEC-89B8-CEBDCCA886D4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D7A47055-152E-4DEC-89B8-CEBDCCA886D4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : HKU\S-1-5-21-3466688151-3585226628-1859684501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKU\S-1-5-21-3466688151-3585226628-1859684501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
[!] Key Not Deleted : HKU\S-1-5-21-3466688151-3585226628-1859684501-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D7A47055-152E-4DEC-89B8-CEBDCCA886D4}
***** [ Web browsers ] *****
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.aflt", "ddrnw");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.hmpg", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ddrnw");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.id", "6c34251d00000000000078e40083f071");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.instlDay", "16416");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.instlRef", "");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.newTab", true);
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ddrnw");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q=");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1619:06:02");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=f69edd83e6854902a04425f794190642&tu=10Gpy00H22D30q0&sku=&tstsId=&ver=&");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&gu=0c99c43f6f09455d95c5d6d6e1ccfc6b&tu=10Gpy00HX2D30q0&sku=&tstsId=&ver=&&q=");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=EN&gu=f69edd83e6854902a04425f794190642&tu=10Gpy00H22D30q0&sku=&tstsId=&ver=&");
[-] [C:\Users\d\Appdata\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default\prefs.js] [Preference] Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=0c99c43f6f09455d95c5d6d6e1ccfc6b&tu=10Gpy00HX2D30q0&sku=&tstsId=&ver=&&q=");
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15630 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Dobrý den, děkuji a posílám log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by d at 2015-09-14 20:37:18
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 10 GB (12%) free of 82 GB
Total RAM: 4022 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:19, on 14.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\d.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: VideoBrowser Camera Monitor.lnk = C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 9982 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 28898384
\??\C:\Windows\system32\conhost.exe "-6644834618049791711225847030736111785-490882045145704035910251641991912101556
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\DellTPad\Apoint.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "435830208-1876855541142809987111639552411146073045-334859239-470530592-395289102
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\SysWOW64\srvany.exe
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe "361940760-12736524746701811071199627190-1755366198-580013877-207334564-1207872772
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-97fb6c29-861c-449d-b8b5-eee354ea3621 -SystemEventPortName:HostProcess-501b4b64-f71a-47f2-8919-b60a045327c1 -IoCancelEventPortName:HostProcess-0f3f03c6-f285-4dad-b6a8-a9920596fff0 -NonStateChangingEventPortName:HostProcess-d9476c81-db44-4c9c-ac60-d6139df5cd4a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ffb6335-311a-429d-b9f2-7bd1daae6c53 -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"D:\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13 75592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-28 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-28 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13 63304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13 454472]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13 206152]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 611192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-08-17 487424]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-07-25 686704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-09-05 2722080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2014-08-01 49976]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoBrowser Camera Monitor.lnk - C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-13 21:33:10 ----D---- C:\AdwCleaner
2015-09-13 12:34:24 ----D---- C:\rsit
2015-09-13 12:34:24 ----D---- C:\Program Files\trend micro
2015-09-12 22:38:03 ----RD---- C:\Program Files (x86)\Skype
2015-09-09 13:50:42 ----D---- C:\Windows\rescache
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 09:28:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:28:43 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:23:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:23:49 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:23:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:23:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:23:39 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:23:22 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:23:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:23:10 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:23:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:23:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:23:02 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:00:15 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-09-06 09:07:56 ----D---- C:\Tale of Tales 2015 1080p BRRip x264 DTS-JYK
2015-08-28 07:46:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-14 20:37:11 ----D---- C:\Windows\Temp
2015-09-14 19:00:52 ----D---- C:\Windows\system32\config
2015-09-14 18:54:57 ----D---- C:\Windows\System32
2015-09-14 18:54:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-14 18:50:35 ----D---- C:\ProgramData\NVIDIA
2015-09-13 21:35:37 ----D---- C:\Windows\system32\Tasks
2015-09-13 21:35:36 ----D---- C:\Windows\system32\drivers
2015-09-13 21:35:30 ----HD---- C:\ProgramData
2015-09-13 21:35:29 ----RD---- C:\Program Files (x86)
2015-09-13 12:34:24 ----RD---- C:\Program Files
2015-09-12 22:38:12 ----D---- C:\Users\d\AppData\Roaming\Skype
2015-09-12 22:38:07 ----SHD---- C:\Windows\Installer
2015-09-12 22:38:07 ----HD---- C:\Config.Msi
2015-09-12 22:38:03 ----D---- C:\Program Files (x86)\Common Files
2015-09-12 22:38:02 ----D---- C:\Windows\SysWOW64
2015-09-12 22:38:02 ----D---- C:\ProgramData\Skype
2015-09-12 22:36:25 ----D---- C:\Program Files (x86)\Adobe
2015-09-12 22:33:45 ----SD---- C:\Users\d\AppData\Roaming\Microsoft
2015-09-12 21:16:39 ----D---- C:\Windows\inf
2015-09-12 21:16:24 ----D---- C:\Windows
2015-09-12 21:14:52 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 21:14:36 ----D---- C:\Windows\debug
2015-09-12 21:14:10 ----D---- C:\Program Files\CCleaner
2015-09-09 13:20:42 ----D---- C:\Windows\Microsoft.NET
2015-09-09 13:04:02 ----RSD---- C:\Windows\assembly
2015-09-09 12:55:01 ----D---- C:\Windows\winsxs
2015-09-09 12:54:08 ----D---- C:\Program Files\Windows Journal
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\system32\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 12:54:07 ----D---- C:\Windows\ehome
2015-09-09 12:54:07 ----D---- C:\Program Files\Internet Explorer
2015-09-09 12:54:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 12:54:05 ----D---- C:\Windows\system32\Boot
2015-09-09 12:54:05 ----D---- C:\Windows\AppPatch
2015-09-09 10:24:46 ----D---- C:\Windows\system32\MRT
2015-09-09 09:22:52 ----D---- C:\Windows\system32\catroot2
2015-09-08 19:42:15 ----D---- C:\Users\d\AppData\Roaming\uTorrent
2015-09-07 19:46:44 ----D---- C:\Users\d\AppData\Roaming\vlc
2015-09-02 18:17:42 ----D---- C:\Windows\twain_32
2015-08-29 07:34:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-17 20:23:37 ----D---- C:\HERE 2015 Q1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 hotcore3;hotcore3; C:\Windows\SysWOW64\drivers\hotcore3.sys [2007-03-07 35096]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-20 115152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-11-22 198944]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 368464]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 4719680]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2010-08-24 38440]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2010-04-06 301232]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-08-17 515584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-03-11 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2010-08-17 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-01-31 1035680]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-01-31 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2014-11-22 8192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-09-05 1290016]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-08-17 263168]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-15 2233400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by d at 2015-09-14 20:37:18
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 10 GB (12%) free of 82 GB
Total RAM: 4022 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:19, on 14.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\d.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: VideoBrowser Camera Monitor.lnk = C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 9982 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
C:\Windows\system32\WLANExt.exe 28898384
\??\C:\Windows\system32\conhost.exe "-6644834618049791711225847030736111785-490882045145704035910251641991912101556
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\DellTPad\Apoint.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "435830208-1876855541142809987111639552411146073045-334859239-470530592-395289102
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\SysWOW64\srvany.exe
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
C:\Windows\KMService.exe
\??\C:\Windows\system32\conhost.exe "361940760-12736524746701811071199627190-1755366198-580013877-207334564-1207872772
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-97fb6c29-861c-449d-b8b5-eee354ea3621 -SystemEventPortName:HostProcess-501b4b64-f71a-47f2-8919-b60a045327c1 -IoCancelEventPortName:HostProcess-0f3f03c6-f285-4dad-b6a8-a9920596fff0 -NonStateChangingEventPortName:HostProcess-d9476c81-db44-4c9c-ac60-d6139df5cd4a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9ffb6335-311a-429d-b9f2-7bd1daae6c53 -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"D:\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13 75592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-28 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-28 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13 63304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13 454472]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll [2010-04-13 206152]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 611192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-08-17 487424]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-07-25 686704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-09-05 2722080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2014-08-01 49976]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoBrowser Camera Monitor.lnk - C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-13 21:33:10 ----D---- C:\AdwCleaner
2015-09-13 12:34:24 ----D---- C:\rsit
2015-09-13 12:34:24 ----D---- C:\Program Files\trend micro
2015-09-12 22:38:03 ----RD---- C:\Program Files (x86)\Skype
2015-09-09 13:50:42 ----D---- C:\Windows\rescache
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 09:28:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:28:43 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:23:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:23:49 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:23:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:23:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:23:39 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:23:22 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:23:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:23:10 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:23:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:23:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:23:02 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:00:15 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-09-06 09:07:56 ----D---- C:\Tale of Tales 2015 1080p BRRip x264 DTS-JYK
2015-08-28 07:46:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-14 20:37:11 ----D---- C:\Windows\Temp
2015-09-14 19:00:52 ----D---- C:\Windows\system32\config
2015-09-14 18:54:57 ----D---- C:\Windows\System32
2015-09-14 18:54:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-14 18:50:35 ----D---- C:\ProgramData\NVIDIA
2015-09-13 21:35:37 ----D---- C:\Windows\system32\Tasks
2015-09-13 21:35:36 ----D---- C:\Windows\system32\drivers
2015-09-13 21:35:30 ----HD---- C:\ProgramData
2015-09-13 21:35:29 ----RD---- C:\Program Files (x86)
2015-09-13 12:34:24 ----RD---- C:\Program Files
2015-09-12 22:38:12 ----D---- C:\Users\d\AppData\Roaming\Skype
2015-09-12 22:38:07 ----SHD---- C:\Windows\Installer
2015-09-12 22:38:07 ----HD---- C:\Config.Msi
2015-09-12 22:38:03 ----D---- C:\Program Files (x86)\Common Files
2015-09-12 22:38:02 ----D---- C:\Windows\SysWOW64
2015-09-12 22:38:02 ----D---- C:\ProgramData\Skype
2015-09-12 22:36:25 ----D---- C:\Program Files (x86)\Adobe
2015-09-12 22:33:45 ----SD---- C:\Users\d\AppData\Roaming\Microsoft
2015-09-12 21:16:39 ----D---- C:\Windows\inf
2015-09-12 21:16:24 ----D---- C:\Windows
2015-09-12 21:14:52 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 21:14:36 ----D---- C:\Windows\debug
2015-09-12 21:14:10 ----D---- C:\Program Files\CCleaner
2015-09-09 13:20:42 ----D---- C:\Windows\Microsoft.NET
2015-09-09 13:04:02 ----RSD---- C:\Windows\assembly
2015-09-09 12:55:01 ----D---- C:\Windows\winsxs
2015-09-09 12:54:08 ----D---- C:\Program Files\Windows Journal
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\system32\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 12:54:07 ----D---- C:\Windows\ehome
2015-09-09 12:54:07 ----D---- C:\Program Files\Internet Explorer
2015-09-09 12:54:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 12:54:05 ----D---- C:\Windows\system32\Boot
2015-09-09 12:54:05 ----D---- C:\Windows\AppPatch
2015-09-09 10:24:46 ----D---- C:\Windows\system32\MRT
2015-09-09 09:22:52 ----D---- C:\Windows\system32\catroot2
2015-09-08 19:42:15 ----D---- C:\Users\d\AppData\Roaming\uTorrent
2015-09-07 19:46:44 ----D---- C:\Users\d\AppData\Roaming\vlc
2015-09-02 18:17:42 ----D---- C:\Windows\twain_32
2015-08-29 07:34:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-17 20:23:37 ----D---- C:\HERE 2015 Q1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 hotcore3;hotcore3; C:\Windows\SysWOW64\drivers\hotcore3.sys [2007-03-07 35096]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-20 115152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-11-22 198944]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 368464]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 4719680]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2010-08-24 38440]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2010-04-06 301232]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-08-17 515584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-03-11 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2010-08-17 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-01-31 1035680]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-01-31 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2014-11-22 8192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-09-05 1290016]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-08-17 263168]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-15 2233400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Dobrý den, děkuji. Promazáno, nicméně to pořád zlobí:o(.
Nový RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by d at 2015-09-15 04:50:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 12 GB (14%) free of 82 GB
Total RAM: 4022 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:50:47, on 15.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\d.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: VideoBrowser Camera Monitor.lnk = C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 9777 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
C:\Windows\system32\WLANExt.exe 28927888
\??\C:\Windows\system32\conhost.exe "15586315514698096681741878472-133360951-861664448-16403146131920223332-846844585
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\DellTPad\Apoint.exe"
taskeng.exe {498F0388-883F-41C8-BC98-3FDD93334CC3}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe"
\??\C:\Windows\system32\conhost.exe "-5423977381987201314817145428-1484550591533476924-697121698540692204-1600044312
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "-539761023194185749-1356630068-1650525891-14919077319927362069047770461838075476
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1f13dcdb-bc26-4226-982f-1153997d342d -SystemEventPortName:HostProcess-38d78ffd-9aa8-4708-9072-244ac53ccc07 -IoCancelEventPortName:HostProcess-6c465c82-df0b-477b-8228-b09cdd375352 -NonStateChangingEventPortName:HostProcess-65dc2e74-1d61-428d-b668-ae8d5422000f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ac2938c-df14-4a7d-b035-e41127fdbb2c -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {34903EF4-7B46-44C1-BA9A-12A043600C25}
taskhost.exe $(Arg0)
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3466688151-3585226628-1859684501-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3466688151-3585226628-1859684501-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"D:\RSITx64.exe"
wmiadap.exe /F /T /R
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13 75592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-28 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-28 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13 63304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13 454472]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 611192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-08-17 487424]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-07-25 686704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-09-05 2722080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2014-08-01 49976]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoBrowser Camera Monitor.lnk - C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-14 21:52:43 ----D---- C:\_OTM
2015-09-13 21:33:10 ----D---- C:\AdwCleaner
2015-09-13 12:34:24 ----D---- C:\rsit
2015-09-13 12:34:24 ----D---- C:\Program Files\trend micro
2015-09-12 22:38:03 ----RD---- C:\Program Files (x86)\Skype
2015-09-09 13:50:42 ----D---- C:\Windows\rescache
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 09:28:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:28:43 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:23:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:23:49 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:23:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:23:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:23:39 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:23:22 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:23:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:23:10 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:23:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:23:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:23:02 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:00:15 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-09-06 09:07:56 ----D---- C:\Tale of Tales 2015 1080p BRRip x264 DTS-JYK
2015-08-28 07:46:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-15 04:50:46 ----D---- C:\Windows\Temp
2015-09-15 04:46:51 ----D---- C:\Windows\system32\config
2015-09-15 04:46:35 ----D---- C:\ProgramData\NVIDIA
2015-09-14 23:22:32 ----D---- C:\Windows\System32
2015-09-14 23:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-14 22:19:23 ----D---- C:\Windows
2015-09-13 21:35:37 ----D---- C:\Windows\system32\Tasks
2015-09-13 21:35:36 ----D---- C:\Windows\system32\drivers
2015-09-13 21:35:30 ----HD---- C:\ProgramData
2015-09-13 21:35:29 ----RD---- C:\Program Files (x86)
2015-09-13 12:34:24 ----RD---- C:\Program Files
2015-09-12 22:38:12 ----D---- C:\Users\d\AppData\Roaming\Skype
2015-09-12 22:38:07 ----SHD---- C:\Windows\Installer
2015-09-12 22:38:07 ----HD---- C:\Config.Msi
2015-09-12 22:38:03 ----D---- C:\Program Files (x86)\Common Files
2015-09-12 22:38:02 ----D---- C:\Windows\SysWOW64
2015-09-12 22:38:02 ----D---- C:\ProgramData\Skype
2015-09-12 22:36:25 ----D---- C:\Program Files (x86)\Adobe
2015-09-12 22:33:45 ----SD---- C:\Users\d\AppData\Roaming\Microsoft
2015-09-12 21:16:39 ----D---- C:\Windows\inf
2015-09-12 21:14:52 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 21:14:36 ----D---- C:\Windows\debug
2015-09-12 21:14:10 ----D---- C:\Program Files\CCleaner
2015-09-09 13:20:42 ----D---- C:\Windows\Microsoft.NET
2015-09-09 13:04:02 ----RSD---- C:\Windows\assembly
2015-09-09 12:55:01 ----D---- C:\Windows\winsxs
2015-09-09 12:54:08 ----D---- C:\Program Files\Windows Journal
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\system32\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 12:54:07 ----D---- C:\Windows\ehome
2015-09-09 12:54:07 ----D---- C:\Program Files\Internet Explorer
2015-09-09 12:54:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 12:54:05 ----D---- C:\Windows\system32\Boot
2015-09-09 12:54:05 ----D---- C:\Windows\AppPatch
2015-09-09 10:24:46 ----D---- C:\Windows\system32\MRT
2015-09-09 09:22:52 ----D---- C:\Windows\system32\catroot2
2015-09-08 19:42:15 ----D---- C:\Users\d\AppData\Roaming\uTorrent
2015-09-07 19:46:44 ----D---- C:\Users\d\AppData\Roaming\vlc
2015-09-02 18:17:42 ----D---- C:\Windows\twain_32
2015-08-29 07:34:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-17 20:23:37 ----D---- C:\HERE 2015 Q1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 hotcore3;hotcore3; C:\Windows\SysWOW64\drivers\hotcore3.sys [2007-03-07 35096]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-20 115152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-11-22 198944]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 368464]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 4719680]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2010-08-24 38440]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2010-04-06 301232]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-08-17 515584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-03-11 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2010-08-17 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-01-31 1035680]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-01-31 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2014-11-22 8192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-09-05 1290016]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-08-17 263168]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-15 2233400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Nový RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by d at 2015-09-15 04:50:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 12 GB (14%) free of 82 GB
Total RAM: 4022 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:50:47, on 15.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\d.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: VideoBrowser Camera Monitor.lnk = C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
--
End of file - 9777 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
C:\Windows\system32\WLANExt.exe 28927888
\??\C:\Windows\system32\conhost.exe "15586315514698096681741878472-133360951-861664448-16403146131920223332-846844585
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\DellTPad\Apoint.exe"
taskeng.exe {498F0388-883F-41C8-BC98-3FDD93334CC3}
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe"
"C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe"
\??\C:\Windows\system32\conhost.exe "-5423977381987201314817145428-1484550591533476924-697121698540692204-1600044312
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
\??\C:\Windows\system32\conhost.exe "-539761023194185749-1356630068-1650525891-14919077319927362069047770461838075476
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1f13dcdb-bc26-4226-982f-1153997d342d -SystemEventPortName:HostProcess-38d78ffd-9aa8-4708-9072-244ac53ccc07 -IoCancelEventPortName:HostProcess-6c465c82-df0b-477b-8228-b09cdd375352 -NonStateChangingEventPortName:HostProcess-65dc2e74-1d61-428d-b668-ae8d5422000f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ac2938c-df14-4a7d-b035-e41127fdbb2c -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {34903EF4-7B46-44C1-BA9A-12A043600C25}
taskhost.exe $(Arg0)
"C:\Program Files\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3466688151-3585226628-1859684501-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3466688151-3585226628-1859684501-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"D:\RSITx64.exe"
wmiadap.exe /F /T /R
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\d\AppData\Roaming\Mozilla\Firefox\Profiles\t3ekbtyi.default
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll [2010-04-13 75592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-28 551848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-28 212904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll [2010-04-13 63304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll [2010-04-13 454472]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-07-20 611192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-08-17 487424]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2011-07-25 686704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-09-05 2722080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2014-07-25 1562264]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-07-25 311616]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2014-07-23 134624]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2014-08-01 49976]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
VideoBrowser Camera Monitor.lnk - C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-14 21:52:43 ----D---- C:\_OTM
2015-09-13 21:33:10 ----D---- C:\AdwCleaner
2015-09-13 12:34:24 ----D---- C:\rsit
2015-09-13 12:34:24 ----D---- C:\Program Files\trend micro
2015-09-12 22:38:03 ----RD---- C:\Program Files (x86)\Skype
2015-09-09 13:50:42 ----D---- C:\Windows\rescache
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wups.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 09:28:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 09:28:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 09:28:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 09:28:43 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 09:23:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 09:23:49 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 09:23:47 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 09:23:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 09:23:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 09:23:45 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 09:23:45 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 09:23:44 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 09:23:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 09:23:44 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 09:23:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 09:23:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 09:23:42 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 09:23:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 09:23:41 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 09:23:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 09:23:39 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 09:23:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 09:23:22 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 09:23:21 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\smss.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 09:23:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 09:23:20 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 09:23:20 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 09:23:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 09:23:19 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 09:23:10 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\consent.exe
2015-09-09 09:23:10 ----A---- C:\Windows\system32\authui.dll
2015-09-09 09:23:10 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 09:23:08 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 09:23:06 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 09:23:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 09:23:05 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 09:23:02 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 09:23:01 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 09:00:15 ----SD---- C:\Windows\SYSWOW64\Microsoft
2015-09-06 09:07:56 ----D---- C:\Tale of Tales 2015 1080p BRRip x264 DTS-JYK
2015-08-28 07:46:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2015-09-15 04:50:46 ----D---- C:\Windows\Temp
2015-09-15 04:46:51 ----D---- C:\Windows\system32\config
2015-09-15 04:46:35 ----D---- C:\ProgramData\NVIDIA
2015-09-14 23:22:32 ----D---- C:\Windows\System32
2015-09-14 23:22:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-14 22:19:23 ----D---- C:\Windows
2015-09-13 21:35:37 ----D---- C:\Windows\system32\Tasks
2015-09-13 21:35:36 ----D---- C:\Windows\system32\drivers
2015-09-13 21:35:30 ----HD---- C:\ProgramData
2015-09-13 21:35:29 ----RD---- C:\Program Files (x86)
2015-09-13 12:34:24 ----RD---- C:\Program Files
2015-09-12 22:38:12 ----D---- C:\Users\d\AppData\Roaming\Skype
2015-09-12 22:38:07 ----SHD---- C:\Windows\Installer
2015-09-12 22:38:07 ----HD---- C:\Config.Msi
2015-09-12 22:38:03 ----D---- C:\Program Files (x86)\Common Files
2015-09-12 22:38:02 ----D---- C:\Windows\SysWOW64
2015-09-12 22:38:02 ----D---- C:\ProgramData\Skype
2015-09-12 22:36:25 ----D---- C:\Program Files (x86)\Adobe
2015-09-12 22:33:45 ----SD---- C:\Users\d\AppData\Roaming\Microsoft
2015-09-12 21:16:39 ----D---- C:\Windows\inf
2015-09-12 21:14:52 ----D---- C:\Windows\SoftwareDistribution
2015-09-12 21:14:36 ----D---- C:\Windows\debug
2015-09-12 21:14:10 ----D---- C:\Program Files\CCleaner
2015-09-09 13:20:42 ----D---- C:\Windows\Microsoft.NET
2015-09-09 13:04:02 ----RSD---- C:\Windows\assembly
2015-09-09 12:55:01 ----D---- C:\Windows\winsxs
2015-09-09 12:54:08 ----D---- C:\Program Files\Windows Journal
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\system32\en-US
2015-09-09 12:54:07 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 12:54:07 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 12:54:07 ----D---- C:\Windows\ehome
2015-09-09 12:54:07 ----D---- C:\Program Files\Internet Explorer
2015-09-09 12:54:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 12:54:05 ----D---- C:\Windows\system32\Boot
2015-09-09 12:54:05 ----D---- C:\Windows\AppPatch
2015-09-09 10:24:46 ----D---- C:\Windows\system32\MRT
2015-09-09 09:22:52 ----D---- C:\Windows\system32\catroot2
2015-09-08 19:42:15 ----D---- C:\Users\d\AppData\Roaming\uTorrent
2015-09-07 19:46:44 ----D---- C:\Users\d\AppData\Roaming\vlc
2015-09-02 18:17:42 ----D---- C:\Windows\twain_32
2015-08-29 07:34:56 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-17 20:23:37 ----D---- C:\HERE 2015 Q1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 hotcore3;hotcore3; C:\Windows\SysWOW64\drivers\hotcore3.sys [2007-03-07 35096]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-07-20 115152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-11-22 198944]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-15 22128]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2014-07-23 450456]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-20 273824]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\accelern.sys [2011-07-22 27760]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-05-25 368464]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-18 4719680]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2010-08-24 38440]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2010-04-06 301232]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-09-05 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-08-17 515584]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\drivers\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\drivers\nusb3xhc.sys [2010-09-30 180736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdrvio;pwdrvio; \??\C:\Windows\syswow64\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\Windows\syswow64\pwdspio.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-03-11 14464]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2010-08-17 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-01-31 1035680]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-01-31 36768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 KMService;KMService; C:\Windows\syswow64\srvany.exe [2014-11-22 8192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-30 920864]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-09-05 1290016]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2010-08-17 263168]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-08-29 414496]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2014-07-23 3596240]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-20 4047768]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-03-15 2233400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Zkuste myšku i touchpad (postupně) ve správci zařízení odebrat (odinstalovat). Restartujte a při novém startu bude zařízení znovu načteno. Vyzkoušejte funkce, někdy se stane, že ovladač není korektně načten.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Dobrý den,
děkuji za rady. Vše jsem provedl jak píšete, ale pořád myška zlobí. Po spuštění, když kliknu levou klávesou, vyběhne nabídka jako z pod pravé klávesy. To dělá pořád dokola, než zmáčnu klávesu pravou a pak levou a myšká se srovná jak má. Toto jsem opravdu nikde neslyšel a už nevím jak na to. Pokud Vs ještě něco napadne, budu rád. Jinak každopádně moc děkuji za pročištění a Vaše rady.
Díky
děkuji za rady. Vše jsem provedl jak píšete, ale pořád myška zlobí. Po spuštění, když kliknu levou klávesou, vyběhne nabídka jako z pod pravé klávesy. To dělá pořád dokola, než zmáčnu klávesu pravou a pak levou a myšká se srovná jak má. Toto jsem opravdu nikde neslyšel a už nevím jak na to. Pokud Vs ještě něco napadne, budu rád. Jinak každopádně moc děkuji za pročištění a Vaše rady.
Díky
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Dobrý den, posílám log..
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 18.9.2015
Čas skenování: 12:05
Protokol: m.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.18.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: d
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 350796
Uplynulý čas: 7 min, 9 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 1
RiskWare.Tool.CK, C:\Windows\KMService.exe, 3836, Smazat při restartu, [4318a19026650c2a56c119fe8979c33d]
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 1
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{b858b34e-1976-4315-9009-36b04b2970ef}Gw64, Do karantény, [283351e092f9b38331b1e4cede26768a],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.DataMngr, C:\Users\d\AppData\LocalLow\DataMngr, Do karantény, [74e7e74a6625c4721c8c26e94eb51ae6],
Soubory: 2
RiskWare.Tool.CK, C:\Windows\KMService.exe, Smazat při restartu, [4318a19026650c2a56c119fe8979c33d],
PUP.Optional.DataMngr, C:\Users\d\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, Do karantény, [74e7e74a6625c4721c8c26e94eb51ae6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Děkuji
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 18.9.2015
Čas skenování: 12:05
Protokol: m.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.18.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: d
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 350796
Uplynulý čas: 7 min, 9 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 1
RiskWare.Tool.CK, C:\Windows\KMService.exe, 3836, Smazat při restartu, [4318a19026650c2a56c119fe8979c33d]
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 1
PUP.Optional.Sanbreel, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{b858b34e-1976-4315-9009-36b04b2970ef}Gw64, Do karantény, [283351e092f9b38331b1e4cede26768a],
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.DataMngr, C:\Users\d\AppData\LocalLow\DataMngr, Do karantény, [74e7e74a6625c4721c8c26e94eb51ae6],
Soubory: 2
RiskWare.Tool.CK, C:\Windows\KMService.exe, Smazat při restartu, [4318a19026650c2a56c119fe8979c33d],
PUP.Optional.DataMngr, C:\Users\d\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, Do karantény, [74e7e74a6625c4721c8c26e94eb51ae6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119674
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: špatná funkce myši
Nálezy smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Radek.Juracak
- Návštěvník
- Příspěvky: 114
- Registrován: 14 led 2006 16:33
Re: špatná funkce myši
Dobrý den, děkuji, provedeno. Nicméně po restartu to chce klik pravou mysi, pak levou a pak muzeme zacit... Máte ještě nějaký tip? Děkuji
Přispějete na provoz fóra?