Ahoj, prosil bych o pomoc s navracením původní kondice mého PC.
Při spuštění se extremně dlouho zapína a načítá, během užívání reaguje s prodlevou a má problemy např. s přehrávánim Blu-ray filmů.
Na internetu mi samovolně vyskakujou okna.
Přikládám výpis z RSit a předem děkuju.
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\r0ach\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\r0ach\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RapidMediaConverterApp.lnk = C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18560 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c5dae2db-17d4-4fe6-a653-2e30f79b6497 -SystemEventPortName:HostProcess-8e951fa7-2bdb-49ef-968a-b4d86c0dd14c -IoCancelEventPortName:HostProcess-8e214f26-c8c5-41f9-bbba-480f93a8b65e -NonStateChangingEventPortName:HostProcess-e8e34f19-e5f4-458e-b10c-ba69fde6ec00 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:42ed0e6c-600a-43eb-bc51-efb4ba1f626e -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25456384
\??\C:\Windows\system32\conhost.exe "-1878067251-1638021714-1361072767-916146423-1222444872-2042501394-1182709014941438435
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
taskeng.exe {F8D62342-14DF-4AB1-9220-2AEB3A4B53BB}
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
taskeng.exe {06EAF548-ED41-4A8A-A0AE-C376BE747EB7}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563dd766 -l logs/SCIA.log
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 4648
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
-Minimized
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Users\r0ach\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
Explorer.exe
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8020.0.675311981\640875730" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.15.10.2827 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.2.267936356\2030793564" --font-cache-shared-handle=2084 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.3.1001177669\377279645" --font-cache-shared-handle=2296 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.14.1810337760\1288620331" --font-cache-shared-handle=2748 /prefetch:673131151
"C:\Users\r0ach\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {53DB3D52-9011-45D4-AABE-8ADC68F1C819}
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -responsepester
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c88e325ac674.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-05-01 1193352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Dropbox Update"=C:\Users\r0ach\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-09-04 488328]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
RapidMediaConverterApp.lnk - C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomalé PC
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-07 12:03:52 ----D---- C:\rsit
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)\Skype
2015-10-22 22:29:53 ----D---- C:\Users\r0ach\AppData\Roaming\edxLabs
2015-10-22 17:44:57 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2015-10-16 21:35:21 ----A---- C:\Windows\system32\invagent.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\generaltel.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\devinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-16 21:35:21 ----A---- C:\Windows\system32\appraiser.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\aeinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\acmigration.dll
2015-10-13 19:20:43 ----A---- C:\Windows\system32\shell32.dll
2015-10-13 19:20:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:20:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-13 19:20:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\iernonce.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\urlmon.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\occache.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:19:08 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-13 19:19:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\iesetup.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-13 19:19:06 ----A---- C:\Windows\system32\iertutil.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-13 19:19:05 ----A---- C:\Windows\system32\vbscript.dll
2015-10-13 19:19:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieui.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieframe.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\webcheck.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-13 19:19:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-13 19:19:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\msrating.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\mshtml.dll
2015-10-13 19:18:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wucltux.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups2.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:17:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:17:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-13 19:17:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-13 19:17:37 ----A---- C:\Windows\system32\kernel32.dll
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-13 19:17:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\ntdll.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-13 19:17:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\wow64.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\winsrv.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\srcore.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\conhost.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspicli.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\smss.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\rstrui.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\lsass.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\kerberos.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\auditpol.exe
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64win.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\credssp.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\adtschema.dll
2015-10-13 19:16:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidapi.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-07 12:03:55 ----D---- C:\Windows\Prefetch
2015-11-07 12:03:54 ----D---- C:\Program Files\trend micro
2015-11-07 12:03:53 ----D---- C:\Windows\temp
2015-11-07 12:03:40 ----D---- C:\Users\r0ach\AppData\Roaming\Skype
2015-11-07 11:59:42 ----D---- C:\Windows\Tasks
2015-11-07 11:59:42 ----D---- C:\Windows\system32\Tasks
2015-11-07 11:57:05 ----D---- C:\Windows\System32
2015-11-07 11:57:05 ----D---- C:\Windows\inf
2015-11-07 11:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-07 11:53:41 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-07 11:52:20 ----D---- C:\Users\r0ach\AppData\Roaming\Dropbox
2015-11-07 11:52:12 ----D---- C:\Windows\system32\config
2015-11-07 00:18:33 ----SHD---- C:\System Volume Information
2015-11-03 19:41:10 ----SHD---- C:\Windows\Installer
2015-11-03 19:41:10 ----D---- C:\Config.Msi
2015-11-03 19:35:04 ----D---- C:\ProgramData\Skype
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)
2015-11-03 19:34:56 ----D---- C:\Windows\SysWOW64
2015-11-03 19:34:56 ----D---- C:\Program Files (x86)\Common Files
2015-11-03 19:20:27 ----A---- C:\Windows\Cm106.ini.imi
2015-10-22 22:25:59 ----A---- C:\Users\r0ach\AppData\Roaming\mBot.ini
2015-10-22 21:19:33 ----D---- C:\Downloads
2015-10-22 17:45:02 ----D---- C:\Windows\system32\drivers
2015-10-22 17:45:01 ----D---- C:\Windows\system32\DriverStore
2015-10-22 17:45:00 ----D---- C:\Windows
2015-10-17 17:03:03 ----D---- C:\Windows\rescache
2015-10-17 10:07:37 ----D---- C:\Windows\winsxs
2015-10-17 10:06:22 ----SD---- C:\Windows\system32\CompatTel
2015-10-17 10:06:16 ----D---- C:\Windows\system32\appraiser
2015-10-17 10:06:12 ----D---- C:\Windows\AppPatch
2015-10-16 20:47:26 ----D---- C:\Program Files\Internet Explorer
2015-10-16 20:47:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-16 20:47:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-16 20:47:20 ----D---- C:\Windows\system32\cs-CZ
2015-10-16 20:47:19 ----D---- C:\Windows\system32\en-US
2015-10-16 20:47:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 20:46:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-16 20:46:45 ----D---- C:\Windows\system32\Boot
2015-10-16 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 19:02:39 ----D---- C:\Windows\system32\MRT
2015-10-14 18:53:45 ----D---- C:\Windows\debug
2015-10-14 18:53:38 ----A---- C:\Windows\system32\MRT.exe
2015-10-13 19:14:39 ----D---- C:\Windows\system32\catroot2
2015-10-13 18:58:43 ----SD---- C:\Windows\system32\GWX
2015-10-13 18:47:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-13 18:39:37 ----D---- C:\Users\r0ach\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-01-14 28264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-12 4747840]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-09 12312896]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-06-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-06-28 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-06-28 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-01-03 535552]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 1451056]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-20 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-20 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-10-22 165504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-06-11 1306624]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-09-04 597896]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-06-28 2413056]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-01 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-03 311808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-13 1044816]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-10-17 1357104]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-07 12:03:52 ----D---- C:\rsit
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)\Skype
2015-10-22 22:29:53 ----D---- C:\Users\r0ach\AppData\Roaming\edxLabs
2015-10-22 17:44:57 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2015-10-16 21:35:21 ----A---- C:\Windows\system32\invagent.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\generaltel.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\devinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-16 21:35:21 ----A---- C:\Windows\system32\appraiser.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\aeinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\acmigration.dll
2015-10-13 19:20:43 ----A---- C:\Windows\system32\shell32.dll
2015-10-13 19:20:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:20:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-13 19:20:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\iernonce.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\urlmon.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\occache.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:19:08 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-13 19:19:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\iesetup.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-13 19:19:06 ----A---- C:\Windows\system32\iertutil.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-13 19:19:05 ----A---- C:\Windows\system32\vbscript.dll
2015-10-13 19:19:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieui.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieframe.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\webcheck.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-13 19:19:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-13 19:19:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\msrating.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\mshtml.dll
2015-10-13 19:18:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wucltux.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups2.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:17:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:17:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-13 19:17:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-13 19:17:37 ----A---- C:\Windows\system32\kernel32.dll
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-13 19:17:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\ntdll.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-13 19:17:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\wow64.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\winsrv.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\srcore.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\conhost.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspicli.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\smss.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\rstrui.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\lsass.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\kerberos.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\auditpol.exe
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64win.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\credssp.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\adtschema.dll
2015-10-13 19:16:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidapi.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-07 12:03:55 ----D---- C:\Windows\Prefetch
2015-11-07 12:03:54 ----D---- C:\Program Files\trend micro
2015-11-07 12:03:53 ----D---- C:\Windows\temp
2015-11-07 12:03:40 ----D---- C:\Users\r0ach\AppData\Roaming\Skype
2015-11-07 11:59:42 ----D---- C:\Windows\Tasks
2015-11-07 11:59:42 ----D---- C:\Windows\system32\Tasks
2015-11-07 11:57:05 ----D---- C:\Windows\System32
2015-11-07 11:57:05 ----D---- C:\Windows\inf
2015-11-07 11:57:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-07 11:53:41 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-07 11:52:20 ----D---- C:\Users\r0ach\AppData\Roaming\Dropbox
2015-11-07 11:52:12 ----D---- C:\Windows\system32\config
2015-11-07 00:18:33 ----SHD---- C:\System Volume Information
2015-11-03 19:41:10 ----SHD---- C:\Windows\Installer
2015-11-03 19:41:10 ----D---- C:\Config.Msi
2015-11-03 19:35:04 ----D---- C:\ProgramData\Skype
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)
2015-11-03 19:34:56 ----D---- C:\Windows\SysWOW64
2015-11-03 19:34:56 ----D---- C:\Program Files (x86)\Common Files
2015-11-03 19:20:27 ----A---- C:\Windows\Cm106.ini.imi
2015-10-22 22:25:59 ----A---- C:\Users\r0ach\AppData\Roaming\mBot.ini
2015-10-22 21:19:33 ----D---- C:\Downloads
2015-10-22 17:45:02 ----D---- C:\Windows\system32\drivers
2015-10-22 17:45:01 ----D---- C:\Windows\system32\DriverStore
2015-10-22 17:45:00 ----D---- C:\Windows
2015-10-17 17:03:03 ----D---- C:\Windows\rescache
2015-10-17 10:07:37 ----D---- C:\Windows\winsxs
2015-10-17 10:06:22 ----SD---- C:\Windows\system32\CompatTel
2015-10-17 10:06:16 ----D---- C:\Windows\system32\appraiser
2015-10-17 10:06:12 ----D---- C:\Windows\AppPatch
2015-10-16 20:47:26 ----D---- C:\Program Files\Internet Explorer
2015-10-16 20:47:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-16 20:47:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-16 20:47:20 ----D---- C:\Windows\system32\cs-CZ
2015-10-16 20:47:19 ----D---- C:\Windows\system32\en-US
2015-10-16 20:47:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 20:46:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-16 20:46:45 ----D---- C:\Windows\system32\Boot
2015-10-16 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 19:02:39 ----D---- C:\Windows\system32\MRT
2015-10-14 18:53:45 ----D---- C:\Windows\debug
2015-10-14 18:53:38 ----A---- C:\Windows\system32\MRT.exe
2015-10-13 19:14:39 ----D---- C:\Windows\system32\catroot2
2015-10-13 18:58:43 ----SD---- C:\Windows\system32\GWX
2015-10-13 18:47:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-13 18:39:37 ----D---- C:\Users\r0ach\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-01-14 28264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-12 4747840]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-09 12312896]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-06-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-06-28 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-06-28 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-01-03 535552]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 1451056]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-20 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-20 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-10-22 165504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-06-11 1306624]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-09-04 597896]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-06-28 2413056]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-01 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-03 311808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-13 1044816]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-10-17 1357104]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC
Zdravím!
Dejte první část logu ještě jednou a s hlavičkou. Hlavička je součást logu a je pro nás důležitá.
Dejte první část logu ještě jednou a s hlavičkou. Hlavička je součást logu a je pro nás důležitá.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC
Omlouvám se, asi jsem ji při rozdělování omylem neoznačil.
Logfile of random's system information tool 1.09 (written by random/random)
Run by r0ach at 2015-11-07 12:03:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (3%) free of 696 GB
Total RAM: 6092 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:03:55, on 7.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\r0ach\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\r0ach\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RapidMediaConverterApp.lnk = C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18560 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c5dae2db-17d4-4fe6-a653-2e30f79b6497 -SystemEventPortName:HostProcess-8e951fa7-2bdb-49ef-968a-b4d86c0dd14c -IoCancelEventPortName:HostProcess-8e214f26-c8c5-41f9-bbba-480f93a8b65e -NonStateChangingEventPortName:HostProcess-e8e34f19-e5f4-458e-b10c-ba69fde6ec00 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:42ed0e6c-600a-43eb-bc51-efb4ba1f626e -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25456384
\??\C:\Windows\system32\conhost.exe "-1878067251-1638021714-1361072767-916146423-1222444872-2042501394-1182709014941438435
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
taskeng.exe {F8D62342-14DF-4AB1-9220-2AEB3A4B53BB}
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
taskeng.exe {06EAF548-ED41-4A8A-A0AE-C376BE747EB7}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563dd766 -l logs/SCIA.log
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 4648
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
-Minimized
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Users\r0ach\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
Explorer.exe
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8020.0.675311981\640875730" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.15.10.2827 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.2.267936356\2030793564" --font-cache-shared-handle=2084 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.3.1001177669\377279645" --font-cache-shared-handle=2296 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.14.1810337760\1288620331" --font-cache-shared-handle=2748 /prefetch:673131151
"C:\Users\r0ach\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {53DB3D52-9011-45D4-AABE-8ADC68F1C819}
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -responsepester
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c88e325ac674.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-05-01 1193352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Dropbox Update"=C:\Users\r0ach\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-09-04 488328]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
RapidMediaConverterApp.lnk - C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
Logfile of random's system information tool 1.09 (written by random/random)
Run by r0ach at 2015-11-07 12:03:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 22 GB (3%) free of 696 GB
Total RAM: 6092 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:03:55, on 7.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\r0ach\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\r0ach\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: RapidMediaConverterApp.lnk = C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18560 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c5dae2db-17d4-4fe6-a653-2e30f79b6497 -SystemEventPortName:HostProcess-8e951fa7-2bdb-49ef-968a-b4d86c0dd14c -IoCancelEventPortName:HostProcess-8e214f26-c8c5-41f9-bbba-480f93a8b65e -NonStateChangingEventPortName:HostProcess-e8e34f19-e5f4-458e-b10c-ba69fde6ec00 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:42ed0e6c-600a-43eb-bc51-efb4ba1f626e -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25456384
\??\C:\Windows\system32\conhost.exe "-1878067251-1638021714-1361072767-916146423-1222444872-2042501394-1182709014941438435
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
taskeng.exe {F8D62342-14DF-4AB1-9220-2AEB3A4B53BB}
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
taskeng.exe {06EAF548-ED41-4A8A-A0AE-C376BE747EB7}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563dd766 -l logs/SCIA.log
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 4648
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
-Minimized
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Users\r0ach\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
Explorer.exe
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8020.0.675311981\640875730" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.15.10.2827 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.2.267936356\2030793564" --font-cache-shared-handle=2084 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.3.1001177669\377279645" --font-cache-shared-handle=2296 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/Control/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="8020.14.1810337760\1288620331" --font-cache-shared-handle=2748 /prefetch:673131151
"C:\Users\r0ach\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {53DB3D52-9011-45D4-AABE-8ADC68F1C819}
"C:\Windows\system32\RunDll32.exe" "C:\Windows\system32\WerConCpl.dll", LaunchErcApp -responsepester
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c88e325ac674.job
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-05-01 1193352]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Dropbox Update"=C:\Users\r0ach\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19 134512]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-09-04 488328]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\r0ach\AppData\Roaming\Dropbox\bin\Dropbox.exe
RapidMediaConverterApp.lnk - C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC
OK a díky. Teď spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC
# AdwCleaner v5.018 - Logfile created 07/11/2015 at 13:25:28
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : r0ach - R0ACH-HP
# Running from : C:\Users\r0ach\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\RapidMediaConverter
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
[-] Folder Deleted : C:\Users\r0ach\AppData\Local\RapidMediaConverter
[-] Folder Deleted : C:\Users\r0ach\AppData\Roaming\RapidMediaConverter
[-] Folder Deleted : C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
***** [ Files ] *****
[-] File Deleted : C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Key Deleted : HKCU\Software\RapidMediaConverterApp
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\RapidMediaConverter
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchURI [(Default)]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner[R1].txt - [6366 bytes] - [20/03/2013 20:55:46]
C:\AdwCleaner[S1].txt - [6268 bytes] - [20/03/2013 21:12:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2581 bytes] ##########
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : r0ach - R0ACH-HP
# Running from : C:\Users\r0ach\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\RapidMediaConverter
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
[-] Folder Deleted : C:\Users\r0ach\AppData\Local\RapidMediaConverter
[-] Folder Deleted : C:\Users\r0ach\AppData\Roaming\RapidMediaConverter
[-] Folder Deleted : C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
***** [ Files ] *****
[-] File Deleted : C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Key Deleted : HKCU\Software\RapidMediaConverterApp
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\RapidMediaConverter
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)]
[-] Data Restored : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchURI [(Default)]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI [(Default)]
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
*************************
C:\AdwCleaner[R1].txt - [6366 bytes] - [20/03/2013 20:55:46]
C:\AdwCleaner[S1].txt - [6268 bytes] - [20/03/2013 21:12:57]
########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2581 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC
Poprosím o nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC
Logfile of random's system information tool 1.09 (written by random/random)
Run by r0ach at 2015-11-08 19:44:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (6%) free of 696 GB
Total RAM: 6092 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:52, on 8.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17062 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ca41c922-2e0a-4de7-8a3f-5509d5799243 -SystemEventPortName:HostProcess-bfa06ebb-0a33-4451-8732-c8b173dcae27 -IoCancelEventPortName:HostProcess-b7592b70-17f8-4e53-ad0a-1e7ef35be856 -NonStateChangingEventPortName:HostProcess-70bd0bb7-6cfd-4c3e-81b8-a02e8b2727b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4d3c0074-4af1-45a4-baad-0cee29f8edc0 -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 23277776
\??\C:\Windows\system32\conhost.exe "63949742011126498243099803888763628841305255905-3469340137048421961642571015
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3500
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {769D6507-4FC4-4F4F-A181-1DA1C76BEB23}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {836BAA0B-BC7F-4FCD-B30C-6BCA585225FF}
taskeng.exe {7163516A-9377-4D4E-9570-DECFF1A4035F}
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563f9663 -l logs/SCIA.log
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Users\r0ach\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-07 12:03:52 ----D---- C:\rsit
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)\Skype
2015-10-22 22:29:53 ----D---- C:\Users\r0ach\AppData\Roaming\edxLabs
2015-10-22 17:44:57 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2015-10-16 21:35:21 ----A---- C:\Windows\system32\invagent.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\generaltel.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\devinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-16 21:35:21 ----A---- C:\Windows\system32\appraiser.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\aeinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\acmigration.dll
2015-10-13 19:20:43 ----A---- C:\Windows\system32\shell32.dll
2015-10-13 19:20:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:20:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-13 19:20:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\iernonce.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\urlmon.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\occache.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:19:08 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-13 19:19:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\iesetup.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-13 19:19:06 ----A---- C:\Windows\system32\iertutil.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-13 19:19:05 ----A---- C:\Windows\system32\vbscript.dll
2015-10-13 19:19:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieui.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieframe.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\webcheck.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-13 19:19:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-13 19:19:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\msrating.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\mshtml.dll
2015-10-13 19:18:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wucltux.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups2.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:17:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:17:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-13 19:17:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-13 19:17:37 ----A---- C:\Windows\system32\kernel32.dll
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-13 19:17:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\ntdll.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-13 19:17:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\wow64.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\winsrv.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\srcore.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\conhost.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspicli.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\smss.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\rstrui.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\lsass.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\kerberos.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\auditpol.exe
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64win.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\credssp.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\adtschema.dll
2015-10-13 19:16:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidapi.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-08 19:44:51 ----D---- C:\Windows\temp
2015-11-08 19:44:51 ----D---- C:\Program Files\trend micro
2015-11-08 19:39:04 ----D---- C:\Users\r0ach\AppData\Roaming\Skype
2015-11-07 15:09:32 ----D---- C:\Windows\Tasks
2015-11-07 15:09:32 ----D---- C:\Windows\system32\Tasks
2015-11-07 14:55:37 ----D---- C:\Windows\Microsoft.NET
2015-11-07 14:47:13 ----SHD---- C:\Windows\Installer
2015-11-07 14:46:57 ----D---- C:\Config.Msi
2015-11-07 14:44:43 ----SHD---- C:\System Volume Information
2015-11-07 14:42:42 ----D---- C:\Program Files (x86)\RailCAD
2015-11-07 14:42:20 ----D---- C:\Program Files (x86)\Polda6
2015-11-07 14:41:32 ----D---- C:\Program Files (x86)\Electronic Arts
2015-11-07 14:38:06 ----D---- C:\Users\r0ach\AppData\Roaming\Dropbox
2015-11-07 14:36:35 ----D---- C:\Program Files\Autodesk
2015-11-07 14:36:11 ----D---- C:\ProgramData\Autodesk
2015-11-07 14:36:08 ----D---- C:\Windows
2015-11-07 14:21:11 ----D---- C:\Program Files\Common Files\Autodesk Shared
2015-11-07 14:19:07 ----D---- C:\Users\r0ach\AppData\Roaming\Autodesk
2015-11-07 14:18:11 ----D---- C:\Program Files (x86)\Autodesk
2015-11-07 14:17:04 ----RSD---- C:\Windows\assembly
2015-11-07 14:16:55 ----RD---- C:\Program Files (x86)
2015-11-07 13:36:05 ----D---- C:\Windows\System32
2015-11-07 13:36:05 ----D---- C:\Windows\inf
2015-11-07 13:36:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-07 13:32:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-07 13:30:45 ----D---- C:\Windows\Prefetch
2015-11-07 13:30:27 ----D---- C:\Windows\system32\config
2015-11-07 13:25:28 ----D---- C:\AdwCleaner
2015-11-03 19:35:04 ----D---- C:\ProgramData\Skype
2015-11-03 19:34:56 ----D---- C:\Windows\SysWOW64
2015-11-03 19:34:56 ----D---- C:\Program Files (x86)\Common Files
2015-11-03 19:20:27 ----A---- C:\Windows\Cm106.ini.imi
2015-10-22 22:25:59 ----A---- C:\Users\r0ach\AppData\Roaming\mBot.ini
2015-10-22 21:19:33 ----D---- C:\Downloads
2015-10-22 17:45:02 ----D---- C:\Windows\system32\drivers
2015-10-22 17:45:01 ----D---- C:\Windows\system32\DriverStore
2015-10-17 17:03:03 ----D---- C:\Windows\rescache
2015-10-17 10:07:37 ----D---- C:\Windows\winsxs
2015-10-17 10:06:22 ----SD---- C:\Windows\system32\CompatTel
2015-10-17 10:06:16 ----D---- C:\Windows\system32\appraiser
2015-10-17 10:06:12 ----D---- C:\Windows\AppPatch
2015-10-16 20:47:26 ----D---- C:\Program Files\Internet Explorer
2015-10-16 20:47:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-16 20:47:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-16 20:47:20 ----D---- C:\Windows\system32\cs-CZ
2015-10-16 20:47:19 ----D---- C:\Windows\system32\en-US
2015-10-16 20:47:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 20:46:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-16 20:46:45 ----D---- C:\Windows\system32\Boot
2015-10-16 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 19:02:39 ----D---- C:\Windows\system32\MRT
2015-10-14 18:53:45 ----D---- C:\Windows\debug
2015-10-14 18:53:38 ----A---- C:\Windows\system32\MRT.exe
2015-10-13 19:14:39 ----D---- C:\Windows\system32\catroot2
2015-10-13 18:58:43 ----SD---- C:\Windows\system32\GWX
2015-10-13 18:47:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-13 18:39:37 ----D---- C:\Users\r0ach\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-01-14 28264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-12 4747840]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-09 12312896]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-06-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-06-28 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-06-28 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-01-03 535552]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 1451056]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-20 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-20 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-10-22 165504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-06-11 1306624]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-06-28 2413056]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-01 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-03 311808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-13 1044816]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-10-17 1357104]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by r0ach at 2015-11-08 19:44:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (6%) free of 696 GB
Total RAM: 6092 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:52, on 8.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17062 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ca41c922-2e0a-4de7-8a3f-5509d5799243 -SystemEventPortName:HostProcess-bfa06ebb-0a33-4451-8732-c8b173dcae27 -IoCancelEventPortName:HostProcess-b7592b70-17f8-4e53-ad0a-1e7ef35be856 -NonStateChangingEventPortName:HostProcess-70bd0bb7-6cfd-4c3e-81b8-a02e8b2727b2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4d3c0074-4af1-45a4-baad-0cee29f8edc0 -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 23277776
\??\C:\Windows\system32\conhost.exe "63949742011126498243099803888763628841305255905-3469340137048421961642571015
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3500
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {769D6507-4FC4-4F4F-A181-1DA1C76BEB23}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {836BAA0B-BC7F-4FCD-B30C-6BCA585225FF}
taskeng.exe {7163516A-9377-4D4E-9570-DECFF1A4035F}
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563f9663 -l logs/SCIA.log
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Users\r0ach\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-07 12:03:52 ----D---- C:\rsit
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)\Skype
2015-10-22 22:29:53 ----D---- C:\Users\r0ach\AppData\Roaming\edxLabs
2015-10-22 17:44:57 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2015-10-16 21:35:21 ----A---- C:\Windows\system32\invagent.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\generaltel.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\devinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-16 21:35:21 ----A---- C:\Windows\system32\appraiser.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\aeinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\acmigration.dll
2015-10-13 19:20:43 ----A---- C:\Windows\system32\shell32.dll
2015-10-13 19:20:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:20:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-13 19:20:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\iernonce.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\urlmon.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\occache.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:19:08 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-13 19:19:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\iesetup.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-13 19:19:06 ----A---- C:\Windows\system32\iertutil.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-13 19:19:05 ----A---- C:\Windows\system32\vbscript.dll
2015-10-13 19:19:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieui.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieframe.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\webcheck.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-13 19:19:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-13 19:19:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\msrating.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\mshtml.dll
2015-10-13 19:18:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wucltux.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups2.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:17:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:17:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-13 19:17:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-13 19:17:37 ----A---- C:\Windows\system32\kernel32.dll
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-13 19:17:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\ntdll.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-13 19:17:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\wow64.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\winsrv.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\srcore.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\conhost.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspicli.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\smss.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\rstrui.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\lsass.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\kerberos.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\auditpol.exe
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64win.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\credssp.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\adtschema.dll
2015-10-13 19:16:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidapi.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-08 19:44:51 ----D---- C:\Windows\temp
2015-11-08 19:44:51 ----D---- C:\Program Files\trend micro
2015-11-08 19:39:04 ----D---- C:\Users\r0ach\AppData\Roaming\Skype
2015-11-07 15:09:32 ----D---- C:\Windows\Tasks
2015-11-07 15:09:32 ----D---- C:\Windows\system32\Tasks
2015-11-07 14:55:37 ----D---- C:\Windows\Microsoft.NET
2015-11-07 14:47:13 ----SHD---- C:\Windows\Installer
2015-11-07 14:46:57 ----D---- C:\Config.Msi
2015-11-07 14:44:43 ----SHD---- C:\System Volume Information
2015-11-07 14:42:42 ----D---- C:\Program Files (x86)\RailCAD
2015-11-07 14:42:20 ----D---- C:\Program Files (x86)\Polda6
2015-11-07 14:41:32 ----D---- C:\Program Files (x86)\Electronic Arts
2015-11-07 14:38:06 ----D---- C:\Users\r0ach\AppData\Roaming\Dropbox
2015-11-07 14:36:35 ----D---- C:\Program Files\Autodesk
2015-11-07 14:36:11 ----D---- C:\ProgramData\Autodesk
2015-11-07 14:36:08 ----D---- C:\Windows
2015-11-07 14:21:11 ----D---- C:\Program Files\Common Files\Autodesk Shared
2015-11-07 14:19:07 ----D---- C:\Users\r0ach\AppData\Roaming\Autodesk
2015-11-07 14:18:11 ----D---- C:\Program Files (x86)\Autodesk
2015-11-07 14:17:04 ----RSD---- C:\Windows\assembly
2015-11-07 14:16:55 ----RD---- C:\Program Files (x86)
2015-11-07 13:36:05 ----D---- C:\Windows\System32
2015-11-07 13:36:05 ----D---- C:\Windows\inf
2015-11-07 13:36:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-07 13:32:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-07 13:30:45 ----D---- C:\Windows\Prefetch
2015-11-07 13:30:27 ----D---- C:\Windows\system32\config
2015-11-07 13:25:28 ----D---- C:\AdwCleaner
2015-11-03 19:35:04 ----D---- C:\ProgramData\Skype
2015-11-03 19:34:56 ----D---- C:\Windows\SysWOW64
2015-11-03 19:34:56 ----D---- C:\Program Files (x86)\Common Files
2015-11-03 19:20:27 ----A---- C:\Windows\Cm106.ini.imi
2015-10-22 22:25:59 ----A---- C:\Users\r0ach\AppData\Roaming\mBot.ini
2015-10-22 21:19:33 ----D---- C:\Downloads
2015-10-22 17:45:02 ----D---- C:\Windows\system32\drivers
2015-10-22 17:45:01 ----D---- C:\Windows\system32\DriverStore
2015-10-17 17:03:03 ----D---- C:\Windows\rescache
2015-10-17 10:07:37 ----D---- C:\Windows\winsxs
2015-10-17 10:06:22 ----SD---- C:\Windows\system32\CompatTel
2015-10-17 10:06:16 ----D---- C:\Windows\system32\appraiser
2015-10-17 10:06:12 ----D---- C:\Windows\AppPatch
2015-10-16 20:47:26 ----D---- C:\Program Files\Internet Explorer
2015-10-16 20:47:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-16 20:47:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-16 20:47:20 ----D---- C:\Windows\system32\cs-CZ
2015-10-16 20:47:19 ----D---- C:\Windows\system32\en-US
2015-10-16 20:47:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 20:46:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-16 20:46:45 ----D---- C:\Windows\system32\Boot
2015-10-16 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 19:02:39 ----D---- C:\Windows\system32\MRT
2015-10-14 18:53:45 ----D---- C:\Windows\debug
2015-10-14 18:53:38 ----A---- C:\Windows\system32\MRT.exe
2015-10-13 19:14:39 ----D---- C:\Windows\system32\catroot2
2015-10-13 18:58:43 ----SD---- C:\Windows\system32\GWX
2015-10-13 18:47:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-13 18:39:37 ----D---- C:\Users\r0ach\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-01-14 28264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-12 4747840]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-09 12312896]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-06-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-06-28 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-06-28 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-01-03 535552]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 1451056]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-20 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-20 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-10-22 165504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-06-11 1306624]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-06-28 2413056]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-01 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-03 311808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-13 1044816]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-10-17 1357104]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
:services
c2cautoupdatesvc
c2cpnrsvc
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC
vypis z OTM
All processes killed
========== FILES ==========
C:\Program Files (x86)\Skype\Toolbars\PNRSvc folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\FirefoxAddOn folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
========== SERVICES/DRIVERS ==========
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: r0ach
->Temp folder emptied: 147705235 bytes
->Temporary Internet Files folder emptied: 45845167 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 276691802 bytes
->Flash cache emptied: 926 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 77538951 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 2194432 bytes
Total Files Cleaned = 524,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: r0ach
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 11082015_214121
Files moved on Reboot...
C:\Users\r0ach\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\r0ach\AppData\Local\Temp\SafeQClientUI.log moved successfully.
File C:\Users\r0ach\AppData\Local\Temp\~DF0822373B8187C836.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DF4D59B6DE6500955B.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DFCB04D8152906C00B.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DFE140B2940A19791D.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DFE5CD7381DD233011.TMP not found!
C:\Users\r0ach\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\TMP0000007385F0733C1AFD1DA9 not found!
File C:\Windows\temp\TMP000000800AD69CE67D7D2387 not found!
Registry entries deleted on Reboot...
All processes killed
========== FILES ==========
C:\Program Files (x86)\Skype\Toolbars\PNRSvc folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64 folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\FirefoxAddOn folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate folder moved successfully.
C:\Program Files (x86)\Skype\Toolbars folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000Core1d0c00dab9dd2c9.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-228327966-2270223930-1445267679-1000UA.job moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
========== SERVICES/DRIVERS ==========
Service c2cautoupdatesvc stopped successfully!
Service c2cautoupdatesvc deleted successfully!
Service c2cpnrsvc stopped successfully!
Service c2cpnrsvc deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: r0ach
->Temp folder emptied: 147705235 bytes
->Temporary Internet Files folder emptied: 45845167 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 276691802 bytes
->Flash cache emptied: 926 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 77538951 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 2194432 bytes
Total Files Cleaned = 524,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: r0ach
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 11082015_214121
Files moved on Reboot...
C:\Users\r0ach\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\r0ach\AppData\Local\Temp\SafeQClientUI.log moved successfully.
File C:\Users\r0ach\AppData\Local\Temp\~DF0822373B8187C836.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DF4D59B6DE6500955B.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DFCB04D8152906C00B.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DFE140B2940A19791D.TMP not found!
File C:\Users\r0ach\AppData\Local\Temp\~DFE5CD7381DD233011.TMP not found!
C:\Users\r0ach\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\TMP0000007385F0733C1AFD1DA9 not found!
File C:\Windows\temp\TMP000000800AD69CE67D7D2387 not found!
Registry entries deleted on Reboot...
Re: Pomalé PC
RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by r0ach at 2015-11-08 21:51:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (6%) free of 696 GB
Total RAM: 6092 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:06, on 8.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17391 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-92015b3a-4fdb-4e90-82ba-bdd610bb04fa -SystemEventPortName:HostProcess-6af092c7-1f59-4e93-9ede-731c15a49bcf -IoCancelEventPortName:HostProcess-fd21e1ac-6dbe-4e80-b2d2-d866f29fd597 -NonStateChangingEventPortName:HostProcess-7ecd867d-476a-4530-9a55-9bde2ac1bf30 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:96c597cf-1e94-4ba4-8c57-e46ad20fb691 -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3994256
\??\C:\Windows\system32\conhost.exe "-2145211478-1690863509-717160962-1662678698-33599530-1068745523215520563-502009604
C:\Windows\System32\spoolsv.exe
taskeng.exe {8D9891C7-0251-4C86-8D48-AA150AB18D63}
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
taskeng.exe {B44F66AF-DE07-4D6C-8D0B-1729F99376CA}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\System32\svchost.exe -k HPZ12
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563fb49e -l logs/SCIA.log
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3744
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {0EE5DCBD-76C8-4469-9AB0-4982E2DAD91C}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
-Minimized
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6680.1.909158974\1162163894" --font-cache-shared-handle=2000 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6680.2.1605146680\1043144616" --font-cache-shared-handle=2296 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6680.3.1684364441\1659240133" --font-cache-shared-handle=2644 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6680.4.997662667\350859949" --disable-d3d11 --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.15.10.2827 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6680.6.1971984228\1066685240" --font-cache-shared-handle=4796 /prefetch:673131151
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
wmiadap.exe /F /T /R
C:\Windows\system32\GWX\GWXDetector.exe
"C:\Users\r0ach\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-08 21:41:21 ----D---- C:\_OTM
2015-11-07 12:03:52 ----D---- C:\rsit
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)\Skype
2015-10-22 22:29:53 ----D---- C:\Users\r0ach\AppData\Roaming\edxLabs
2015-10-22 17:44:57 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2015-10-16 21:35:21 ----A---- C:\Windows\system32\invagent.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\generaltel.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\devinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-16 21:35:21 ----A---- C:\Windows\system32\appraiser.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\aeinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\acmigration.dll
2015-10-13 19:20:43 ----A---- C:\Windows\system32\shell32.dll
2015-10-13 19:20:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:20:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-13 19:20:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\iernonce.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\urlmon.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\occache.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:19:08 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-13 19:19:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\iesetup.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-13 19:19:06 ----A---- C:\Windows\system32\iertutil.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-13 19:19:05 ----A---- C:\Windows\system32\vbscript.dll
2015-10-13 19:19:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieui.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieframe.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\webcheck.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-13 19:19:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-13 19:19:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\msrating.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\mshtml.dll
2015-10-13 19:18:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wucltux.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups2.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:17:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:17:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-13 19:17:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-13 19:17:37 ----A---- C:\Windows\system32\kernel32.dll
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-13 19:17:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\ntdll.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-13 19:17:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\wow64.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\winsrv.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\srcore.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\conhost.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspicli.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\smss.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\rstrui.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\lsass.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\kerberos.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\auditpol.exe
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64win.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\credssp.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\adtschema.dll
2015-10-13 19:16:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidapi.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-08 21:51:06 ----D---- C:\Users\r0ach\AppData\Roaming\Skype
2015-11-08 21:51:05 ----D---- C:\Program Files\trend micro
2015-11-08 21:49:54 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-08 21:49:48 ----D---- C:\Windows\temp
2015-11-08 21:47:05 ----D---- C:\Windows\system32\config
2015-11-08 21:44:36 ----D---- C:\Windows
2015-11-08 21:44:36 ----D---- C:\Users\r0ach\AppData\Roaming\Dropbox
2015-11-08 21:41:23 ----D---- C:\Windows\Tasks
2015-11-08 19:54:06 ----D---- C:\Windows\System32
2015-11-08 19:54:06 ----D---- C:\Windows\inf
2015-11-08 19:54:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-07 15:09:32 ----D---- C:\Windows\system32\Tasks
2015-11-07 14:55:37 ----D---- C:\Windows\Microsoft.NET
2015-11-07 14:47:13 ----SHD---- C:\Windows\Installer
2015-11-07 14:46:57 ----D---- C:\Config.Msi
2015-11-07 14:44:43 ----SHD---- C:\System Volume Information
2015-11-07 14:42:42 ----D---- C:\Program Files (x86)\RailCAD
2015-11-07 14:42:20 ----D---- C:\Program Files (x86)\Polda6
2015-11-07 14:41:32 ----D---- C:\Program Files (x86)\Electronic Arts
2015-11-07 14:36:35 ----D---- C:\Program Files\Autodesk
2015-11-07 14:36:11 ----D---- C:\ProgramData\Autodesk
2015-11-07 14:21:11 ----D---- C:\Program Files\Common Files\Autodesk Shared
2015-11-07 14:19:07 ----D---- C:\Users\r0ach\AppData\Roaming\Autodesk
2015-11-07 14:18:11 ----D---- C:\Program Files (x86)\Autodesk
2015-11-07 14:17:04 ----RSD---- C:\Windows\assembly
2015-11-07 14:16:55 ----RD---- C:\Program Files (x86)
2015-11-07 13:30:45 ----D---- C:\Windows\Prefetch
2015-11-07 13:25:28 ----D---- C:\AdwCleaner
2015-11-03 19:35:04 ----D---- C:\ProgramData\Skype
2015-11-03 19:34:56 ----D---- C:\Windows\SysWOW64
2015-11-03 19:34:56 ----D---- C:\Program Files (x86)\Common Files
2015-11-03 19:20:27 ----A---- C:\Windows\Cm106.ini.imi
2015-10-22 22:25:59 ----A---- C:\Users\r0ach\AppData\Roaming\mBot.ini
2015-10-22 21:19:33 ----D---- C:\Downloads
2015-10-22 17:45:02 ----D---- C:\Windows\system32\drivers
2015-10-22 17:45:01 ----D---- C:\Windows\system32\DriverStore
2015-10-17 17:03:03 ----D---- C:\Windows\rescache
2015-10-17 10:07:37 ----D---- C:\Windows\winsxs
2015-10-17 10:06:22 ----SD---- C:\Windows\system32\CompatTel
2015-10-17 10:06:16 ----D---- C:\Windows\system32\appraiser
2015-10-17 10:06:12 ----D---- C:\Windows\AppPatch
2015-10-16 20:47:26 ----D---- C:\Program Files\Internet Explorer
2015-10-16 20:47:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-16 20:47:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-16 20:47:20 ----D---- C:\Windows\system32\cs-CZ
2015-10-16 20:47:19 ----D---- C:\Windows\system32\en-US
2015-10-16 20:47:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 20:46:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-16 20:46:45 ----D---- C:\Windows\system32\Boot
2015-10-16 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 19:02:39 ----D---- C:\Windows\system32\MRT
2015-10-14 18:53:45 ----D---- C:\Windows\debug
2015-10-14 18:53:38 ----A---- C:\Windows\system32\MRT.exe
2015-10-13 19:14:39 ----D---- C:\Windows\system32\catroot2
2015-10-13 18:58:43 ----SD---- C:\Windows\system32\GWX
2015-10-13 18:47:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-13 18:39:37 ----D---- C:\Users\r0ach\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-01-14 28264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-12 4747840]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-09 12312896]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-06-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-06-28 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-06-28 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-01-03 535552]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 1451056]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-20 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-20 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-10-22 165504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-06-11 1306624]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-06-28 2413056]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-01 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-03 311808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-13 1044816]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-10-17 1357104]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by r0ach at 2015-11-08 21:51:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (6%) free of 696 GB
Total RAM: 6092 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:51:06, on 8.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\r0ach.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: TSBHO Class - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmadmin - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17391 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\Hpservice.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-92015b3a-4fdb-4e90-82ba-bdd610bb04fa -SystemEventPortName:HostProcess-6af092c7-1f59-4e93-9ede-731c15a49bcf -IoCancelEventPortName:HostProcess-fd21e1ac-6dbe-4e80-b2d2-d866f29fd597 -NonStateChangingEventPortName:HostProcess-7ecd867d-476a-4530-9a55-9bde2ac1bf30 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:96c597cf-1e94-4ba4-8c57-e46ad20fb691 -DeviceGroupId:
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 3994256
\??\C:\Windows\system32\conhost.exe "-2145211478-1690863509-717160962-1662678698-33599530-1068745523215520563-502009604
C:\Windows\System32\spoolsv.exe
taskeng.exe {8D9891C7-0251-4C86-8D48-AA150AB18D63}
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
taskeng.exe {B44F66AF-DE07-4D6C-8D0B-1729F99376CA}
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe"
C:\Windows\System32\svchost.exe -k HPZ12
SCIA -T r0ach-HP 11.10 -1 -c scia\SCIA_Software.lic -lmgrd_port 6978 -x lmremove --lmgrd_start 563fb49e -l logs/SCIA.log
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3744
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN32D130BY05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {0EE5DCBD-76C8-4469-9AB0-4982E2DAD91C}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
-Minimized
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6680.1.909158974\1162163894" --font-cache-shared-handle=2000 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6680.2.1605146680\1043144616" --font-cache-shared-handle=2296 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6680.3.1684364441\1659240133" --font-cache-shared-handle=2644 /prefetch:673131151
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6680.4.997662667\350859949" --disable-d3d11 --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=2,8,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.15.10.2827 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Users\r0ach\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Control/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group12 pct:1c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="6680.6.1971984228\1066685240" --font-cache-shared-handle=4796 /prefetch:673131151
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe" /taskrestart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
wmiadap.exe /F /T /R
C:\Windows\system32\GWX\GWXDetector.exe
"C:\Users\r0ach\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForR0ACH-HP$.job
C:\Windows\tasks\HPCeeScheduleForr0ach.job
=========Mozilla firefox=========
ProfilePath - C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wolfram.com/Mathematica]
"Description"=Wolfram Mathematica Plug-in
"Path"=C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
websitelogon@truesuite.com
C:\Program Files (x86)\Mozilla Firefox\components\
flashplayer.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25 1763656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]
TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25 1613640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2799912]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 190472]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-09 167744]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-09 392512]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-09 417088]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-01-03 1425408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-02-24 5581888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\r0ach\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-06-28 113288]
"Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-03-16 61112]
"SafeQ Client"=C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [2013-02-20 259584]
"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2012-03-05 578944]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-06-14 103992]
"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2011-08-19 379960]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-04 642728]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
TMMonitor.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-07 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-08 21:41:21 ----D---- C:\_OTM
2015-11-07 12:03:52 ----D---- C:\rsit
2015-11-03 19:34:56 ----RD---- C:\Program Files (x86)\Skype
2015-10-22 22:29:53 ----D---- C:\Users\r0ach\AppData\Roaming\edxLabs
2015-10-22 17:44:57 ----A---- C:\Windows\system32\drivers\IT9135BDA.sys
2015-10-16 21:35:21 ----A---- C:\Windows\system32\invagent.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\generaltel.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\devinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-16 21:35:21 ----A---- C:\Windows\system32\appraiser.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\aeinv.dll
2015-10-16 21:35:21 ----A---- C:\Windows\system32\acmigration.dll
2015-10-13 19:20:43 ----A---- C:\Windows\system32\shell32.dll
2015-10-13 19:20:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-13 19:20:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-13 19:20:28 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-13 19:19:41 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-13 19:19:41 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-13 19:19:40 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\iernonce.dll
2015-10-13 19:19:40 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-13 19:19:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-13 19:19:09 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\urlmon.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\occache.dll
2015-10-13 19:19:09 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-13 19:19:08 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-13 19:19:08 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-13 19:19:08 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-13 19:19:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\iesetup.dll
2015-10-13 19:19:07 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-13 19:19:06 ----A---- C:\Windows\system32\iertutil.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-13 19:19:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-13 19:19:05 ----A---- C:\Windows\system32\vbscript.dll
2015-10-13 19:19:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-13 19:19:04 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieui.dll
2015-10-13 19:19:03 ----A---- C:\Windows\system32\ieframe.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\webcheck.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript9.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\jscript.dll
2015-10-13 19:19:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-13 19:19:01 ----A---- C:\Windows\system32\wininet.dll
2015-10-13 19:19:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\msrating.dll
2015-10-13 19:19:00 ----A---- C:\Windows\system32\mshtml.dll
2015-10-13 19:18:22 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wucltux.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-13 19:18:22 ----A---- C:\Windows\system32\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups2.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wups.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wudriver.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wuapp.exe
2015-10-13 19:18:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-13 19:18:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-13 19:17:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-13 19:17:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-13 19:17:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-13 19:17:37 ----A---- C:\Windows\system32\kernel32.dll
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-13 19:17:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-13 19:17:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\ntdll.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-13 19:17:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-13 19:17:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\wow64.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\winsrv.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\srcore.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-13 19:17:34 ----A---- C:\Windows\system32\conhost.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\wdigest.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\sspicli.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\srclient.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\smss.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\schannel.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\rstrui.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\lsass.exe
2015-10-13 19:17:33 ----A---- C:\Windows\system32\kerberos.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-13 19:17:33 ----A---- C:\Windows\system32\auditpol.exe
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-13 19:17:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-13 19:17:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64win.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\secur32.dll
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-13 19:17:32 ----A---- C:\Windows\system32\credssp.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-13 19:17:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msobjs.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\msaudite.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-13 19:17:31 ----A---- C:\Windows\system32\adtschema.dll
2015-10-13 19:16:54 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-13 19:16:54 ----A---- C:\Windows\system32\appidapi.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-13 19:15:47 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-13 19:15:46 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-08 21:51:06 ----D---- C:\Users\r0ach\AppData\Roaming\Skype
2015-11-08 21:51:05 ----D---- C:\Program Files\trend micro
2015-11-08 21:49:54 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-08 21:49:48 ----D---- C:\Windows\temp
2015-11-08 21:47:05 ----D---- C:\Windows\system32\config
2015-11-08 21:44:36 ----D---- C:\Windows
2015-11-08 21:44:36 ----D---- C:\Users\r0ach\AppData\Roaming\Dropbox
2015-11-08 21:41:23 ----D---- C:\Windows\Tasks
2015-11-08 19:54:06 ----D---- C:\Windows\System32
2015-11-08 19:54:06 ----D---- C:\Windows\inf
2015-11-08 19:54:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-07 15:09:32 ----D---- C:\Windows\system32\Tasks
2015-11-07 14:55:37 ----D---- C:\Windows\Microsoft.NET
2015-11-07 14:47:13 ----SHD---- C:\Windows\Installer
2015-11-07 14:46:57 ----D---- C:\Config.Msi
2015-11-07 14:44:43 ----SHD---- C:\System Volume Information
2015-11-07 14:42:42 ----D---- C:\Program Files (x86)\RailCAD
2015-11-07 14:42:20 ----D---- C:\Program Files (x86)\Polda6
2015-11-07 14:41:32 ----D---- C:\Program Files (x86)\Electronic Arts
2015-11-07 14:36:35 ----D---- C:\Program Files\Autodesk
2015-11-07 14:36:11 ----D---- C:\ProgramData\Autodesk
2015-11-07 14:21:11 ----D---- C:\Program Files\Common Files\Autodesk Shared
2015-11-07 14:19:07 ----D---- C:\Users\r0ach\AppData\Roaming\Autodesk
2015-11-07 14:18:11 ----D---- C:\Program Files (x86)\Autodesk
2015-11-07 14:17:04 ----RSD---- C:\Windows\assembly
2015-11-07 14:16:55 ----RD---- C:\Program Files (x86)
2015-11-07 13:30:45 ----D---- C:\Windows\Prefetch
2015-11-07 13:25:28 ----D---- C:\AdwCleaner
2015-11-03 19:35:04 ----D---- C:\ProgramData\Skype
2015-11-03 19:34:56 ----D---- C:\Windows\SysWOW64
2015-11-03 19:34:56 ----D---- C:\Program Files (x86)\Common Files
2015-11-03 19:20:27 ----A---- C:\Windows\Cm106.ini.imi
2015-10-22 22:25:59 ----A---- C:\Users\r0ach\AppData\Roaming\mBot.ini
2015-10-22 21:19:33 ----D---- C:\Downloads
2015-10-22 17:45:02 ----D---- C:\Windows\system32\drivers
2015-10-22 17:45:01 ----D---- C:\Windows\system32\DriverStore
2015-10-17 17:03:03 ----D---- C:\Windows\rescache
2015-10-17 10:07:37 ----D---- C:\Windows\winsxs
2015-10-17 10:06:22 ----SD---- C:\Windows\system32\CompatTel
2015-10-17 10:06:16 ----D---- C:\Windows\system32\appraiser
2015-10-17 10:06:12 ----D---- C:\Windows\AppPatch
2015-10-16 20:47:26 ----D---- C:\Program Files\Internet Explorer
2015-10-16 20:47:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-16 20:47:23 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-16 20:47:20 ----D---- C:\Windows\system32\cs-CZ
2015-10-16 20:47:19 ----D---- C:\Windows\system32\en-US
2015-10-16 20:47:14 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-16 20:46:45 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-16 20:46:45 ----D---- C:\Windows\system32\Boot
2015-10-16 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 19:02:39 ----D---- C:\Windows\system32\MRT
2015-10-14 18:53:45 ----D---- C:\Windows\debug
2015-10-14 18:53:38 ----A---- C:\Windows\system32\MRT.exe
2015-10-13 19:14:39 ----D---- C:\Windows\system32\catroot2
2015-10-13 18:58:43 ----SD---- C:\Windows\system32\GWX
2015-10-13 18:47:47 ----SD---- C:\Windows\SYSWOW64\GWX
2015-10-13 18:39:37 ----D---- C:\Users\r0ach\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-01-26 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-19 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-01-14 28264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-01-26 43320]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-05 10692096]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-05 459264]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-11-12 4747840]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-07-20 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-08-09 12312896]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-06-28 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-06-28 208896]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2013-06-28 338536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-02-17 428136]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-01-03 535552]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\drivers\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 1451056]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-07-20 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-07-20 27760]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-10-22 165504]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2009-06-11 1306624]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-05 239616]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-02-24 1343408]
R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-08-25 260424]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-04-25 31000]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-06-28 2413056]
R2 lmadmin;lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [2011-08-05 6587728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-01 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-01-03 311808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-10-13 1044816]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-06-14 1098296]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-10-17 1357104]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-15 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-21 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC
Dvouklikem na soubor C:\Program Files\trend micro\r0ach.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC
I při opětovném restartování došlo k chybě se správcem oken plochy.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé PC
Původní problém byl pomalé PC. Tohle je něco nového?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé PC
Ano bylo to něco nového, ale nechal sem PC přes noc vypnutý a ted již naběhlo vše v pohodě. Dříve se mi to taky sem tam stalo, ale při restartu to naskočilo, včera ani po třech restartech se to nepovedlo, tak sem něvěděl, zda se ještě někde nebude nějaká chybka.
Přispějete na provoz fóra?