Please check: JUNK IS PLAGUING ME

koumar
Visitor
Posts: 38
Registered: 20 Jun 2007 19:05

#1 Post by koumar »

When Firefox is opened, the hohosearch home page loads.

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2016-04-23 18:04:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 144 GB (47%) free of 305 GB
Total RAM: 2991 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:08, on 23.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={431A811E ... 2016-01-28 21:20:49&v=4.2.8.608&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Record Page - {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} - C:\Program Files (x86)\Record Page\Extensions\2335267c-dbba-4dd5-a9d0-c4db8e6a75a4.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.9.726\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: BugreportW - Unknown owner - C:\Program Files (x86)\hohobnd\gredity.exe
O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.2.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 11778 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-1487-d55303d50f3a /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26704352
\??\C:\Windows\system32\conhost.exe "150963487212994751-9766353981427018285-694860312-1242638271-1624367493-381492281
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"taskhost.exe"
"C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
/TRAYONLY
/fmw.trayonly
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sECSQLEXPRESS
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "-15130739201342199520475788211-149438775-38879502-20339576021423872948-2088375241
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe"
ctfmon.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
C:\Windows\system32\wbem\wmiprvse.exe
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Cimatron\CimatronE\Program\CimatronE.exe"
"C:\Program Files\Cimatron\CimatronE\Program\CimRot.exe" -Embedding
taskeng.exe {E22A8DFE-B628-44D1-A89F-78F3F9EF4560}
rundll32.exe "C:\Program Files (x86)\Busirekesp\Busirekesphost.dll",w
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.hohosearch.com/?ts=AHEqAH4rC ... &mode=scrp
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\uzivatel\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.hohosearch.com/chrome.php?ui ... toolbar&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\
avg-secure-search.xml
DD1B66D4.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267c-dbba-4dd5-a9d0-c4db8e6a75a4}]
Record Page - C:\Program Files (x86)\Record Page\Extensions\2335267c-dbba-4dd5-a9d0-c4db8e6a75a4.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.2.9.726\AVG Web TuneUp.dll [2016-04-12 2439240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-18 2927928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-04-06 32528]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-04-14 186640]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2016-04-12 2885704]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-04-23 18:04:03 ----D---- C:\Program Files\trend micro
2016-04-23 18:04:02 ----D---- C:\rsit
2016-04-21 15:21:47 ----A---- C:\Windows\cimlicmanager.INI
2016-04-21 13:32:40 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-04-21 13:32:40 ----A---- C:\Windows\SYSWOW64\bgsserv.exe
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsrespt.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsrespl.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresit.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresfr.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsreses.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresda.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsview.exe
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsresen.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsresde.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsmsnd.exe
2016-04-21 13:32:37 ----A---- C:\Windows\SYSWOW64\bgstb.dll
2016-04-21 13:32:37 ----A---- C:\Windows\SYSWOW64\bgscapi.dll
2016-04-21 13:32:36 ----A---- C:\Windows\SYSWOW64\bgsofice.dll
2016-04-21 13:32:36 ----A---- C:\Windows\system32\bgspm64.dll
2016-04-21 13:31:56 ----D---- C:\ProgramData\Cimatron
2016-04-21 13:31:56 ----D---- C:\Cimatron_Documents
2016-04-21 13:23:57 ----D---- C:\Program Files\Cimatron
2016-04-21 13:23:16 ----A---- C:\Windows\system32\hasplms.exe
2016-04-21 13:21:54 ----A---- C:\Windows\SYSWOW64\hlvdd.dll
2016-04-21 13:19:17 ----SHD---- C:\Config.Msi
2016-04-20 22:47:59 ----SHD---- C:\$RECYCLE.BIN
2016-04-20 22:47:09 ----A---- C:\ComboFix.txt
2016-04-20 21:36:16 ----A---- C:\Windows\zip.exe
2016-04-20 21:36:16 ----A---- C:\Windows\SWSC.exe
2016-04-20 21:36:16 ----A---- C:\Windows\SWREG.exe
2016-04-20 21:36:16 ----A---- C:\Windows\sed.exe
2016-04-20 21:36:16 ----A---- C:\Windows\PEV.exe
2016-04-20 21:36:16 ----A---- C:\Windows\NIRCMD.exe
2016-04-20 21:36:16 ----A---- C:\Windows\MBR.exe
2016-04-20 21:36:16 ----A---- C:\Windows\grep.exe
2016-04-20 21:35:21 ----D---- C:\Qoobox
2016-04-20 21:34:25 ----D---- C:\Windows\erdnt
2016-04-20 21:14:56 ----D---- C:\Users\uzivatel\AppData\Roaming\SpringFiles
2016-04-20 21:14:54 ----D---- C:\Program Files (x86)\SrpnFiles
2016-04-20 21:14:24 ----D---- C:\Program Files (x86)\Lnspmekiing
2016-04-20 21:14:24 ----D---- C:\Program Files (x86)\Busirekesp
2016-04-20 21:14:23 ----D---- C:\Program Files (x86)\hohobnd
2016-04-14 21:38:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-04-12 22:12:54 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-12 22:12:54 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-12 22:12:54 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-12 22:12:42 ----A---- C:\Windows\system32\rpcss.dll
2016-04-12 22:12:41 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-12 22:12:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-12 22:12:41 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-12 22:12:41 ----A---- C:\Windows\system32\msxml3.dll
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-12 22:12:35 ----A---- C:\Windows\system32\ole32.dll
2016-04-12 22:12:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\winsrv.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\smss.exe
2016-04-12 22:12:34 ----A---- C:\Windows\system32\schannel.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-12 22:12:34 ----A---- C:\Windows\system32\ntdll.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\kernel32.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\kerberos.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\certcli.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\advapi32.dll
2016-04-12 22:12:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-12 22:12:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64win.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wdigest.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\sspicli.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\srcore.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\srclient.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\secur32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\rstrui.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\lsass.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-12 22:12:32 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-12 22:12:32 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\credssp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\conhost.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\auditpol.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidapi.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\msobjs.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\msaudite.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\adtschema.dll
2016-04-12 22:12:19 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-12 22:12:18 ----A---- C:\Windows\system32\win32k.sys
2016-04-12 22:12:15 ----A---- C:\Windows\system32\tbs.dll
2016-04-12 22:12:15 ----A---- C:\Windows\system32\fveapi.dll
2016-04-12 22:12:14 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-12 22:12:14 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\invagent.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\generaltel.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\devinv.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-12 22:12:01 ----A---- C:\Windows\system32\appraiser.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\aepic.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\aeinv.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\acmigration.dll
2016-04-12 22:11:58 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-12 22:11:58 ----A---- C:\Windows\system32\samsrv.dll
2016-04-12 22:11:58 ----A---- C:\Windows\system32\samlib.dll
2016-04-12 22:11:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-12 22:11:48 ----A---- C:\Windows\system32\tzres.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\inseng.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\iernonce.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-12 22:11:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\urlmon.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\occache.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-12 22:11:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-12 22:11:32 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-12 22:11:32 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-12 22:11:31 ----A---- C:\Windows\system32\iesetup.dll
2016-04-12 22:11:31 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-12 22:11:30 ----A---- C:\Windows\system32\vbscript.dll
2016-04-12 22:11:30 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-12 22:11:30 ----A---- C:\Windows\system32\iertutil.dll
2016-04-12 22:11:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\ieui.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\ieframe.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\webcheck.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\jscript.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-12 22:11:26 ----A---- C:\Windows\system32\wininet.dll
2016-04-12 22:11:26 ----A---- C:\Windows\system32\jscript9.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\msrating.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\mshtml.dll
2016-03-28 12:26:52 ----SHD---- C:\Windows\ftpcache
2016-03-28 12:26:28 ----A---- C:\Windows\system32\HPSIsvc.exe
2016-03-28 12:19:55 ----A---- C:\Windows\system32\HP1100SM.EXE
2016-03-28 12:19:55 ----A---- C:\Windows\system32\HP1100LM.DLL
2016-03-28 12:19:36 ----A---- C:\Windows\system32\mvhlewsi.dll
2016-03-28 12:19:33 ----D---- C:\Program Files\HP
2016-03-28 12:19:32 ----A---- C:\Windows\system32\HP1100SMs.dll

======List of files/folders modified in the last 1 month======

2016-04-23 18:04:08 ----D---- C:\Windows\Prefetch
2016-04-23 18:04:03 ----RD---- C:\Program Files
2016-04-23 18:00:32 ----D---- C:\Windows\Temp
2016-04-23 07:33:43 ----D---- C:\ProgramData\MFAData
2016-04-21 22:20:00 ----D---- C:\Windows\system32\config
2016-04-21 21:39:42 ----D---- C:\Windows\System32
2016-04-21 21:39:42 ----D---- C:\Windows\inf
2016-04-21 21:39:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-21 21:11:38 ----D---- C:\Program Files (x86)\TeamViewer
2016-04-21 21:10:19 ----D---- C:\Windows\SysWOW64
2016-04-21 21:06:17 ----SHD---- C:\System Volume Information
2016-04-21 20:40:58 ----D---- C:\Windows
2016-04-21 15:48:29 ----D---- C:\Windows\system32\drivers
2016-04-21 15:48:26 ----D---- C:\Windows\system32\DriverStore
2016-04-21 15:24:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 13:32:22 ----SHD---- C:\Windows\Installer
2016-04-21 13:32:14 ----RSD---- C:\Windows\Fonts
2016-04-21 13:31:56 ----D---- C:\ProgramData
2016-04-21 13:23:25 ----D---- C:\Windows\system32\Setup
2016-04-21 13:23:19 ----D---- C:\Program Files (x86)\Common Files
2016-04-21 13:20:37 ----D---- C:\ProgramData\Package Cache
2016-04-20 22:34:02 ----A---- C:\Windows\system.ini
2016-04-20 22:26:43 ----D---- C:\Windows\SYSWOW64\drivers
2016-04-20 22:26:43 ----D---- C:\Windows\AppPatch
2016-04-20 21:51:21 ----D---- C:\Windows\system32\drivers\etc
2016-04-20 21:45:21 ----D---- C:\Windows\Downloaded Program Files
2016-04-20 21:15:59 ----D---- C:\Windows\system32\Tasks
2016-04-20 21:14:54 ----RD---- C:\Program Files (x86)
2016-04-20 20:58:08 ----D---- C:\ProgramData\SafeNet Sentinel
2016-04-20 20:35:47 ----A---- C:\Windows\SCAux.INI
2016-04-20 20:29:33 ----A---- C:\Windows\ODBC.INI
2016-04-20 08:41:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 14:33:38 ----D---- C:\Windows\system32\wdi
2016-04-13 04:23:58 ----D---- C:\Windows\rescache
2016-04-13 03:45:27 ----D---- C:\Windows\Microsoft.NET
2016-04-13 03:44:49 ----RSD---- C:\Windows\assembly
2016-04-13 03:35:44 ----D---- C:\Windows\winsxs
2016-04-13 03:31:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-04-13 03:31:12 ----D---- C:\Windows\system32\en-US
2016-04-13 03:31:12 ----D---- C:\Windows\system32\cs-CZ
2016-04-13 03:31:11 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-13 03:31:11 ----D---- C:\Windows\system32\wbem
2016-04-13 03:31:11 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-04-13 03:31:11 ----D---- C:\Windows\system32\Boot
2016-04-13 03:31:10 ----D---- C:\Windows\system32\appraiser
2016-04-13 03:31:10 ----D---- C:\Windows\Logs
2016-04-13 03:31:08 ----D---- C:\Program Files\Internet Explorer
2016-04-13 03:31:07 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-13 03:31:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-13 03:10:05 ----D---- C:\Windows\system32\MRT
2016-04-13 03:04:29 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 03:02:18 ----D---- C:\Windows\system32\catroot2
2016-04-12 20:54:47 ----D---- C:\ProgramData\AVG Web TuneUp
2016-04-12 20:54:16 ----D---- C:\Program Files (x86)\AVG Web TuneUp
2016-04-04 03:03:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-04-04 03:00:56 ----SD---- C:\Windows\SYSWOW64\GWX
2016-04-04 03:00:56 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-26 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-03-07 246560]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-03-08 71456]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-24 633704]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-24 28008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-08 213848]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-06-06 381608]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-02-16 162592]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-03-08 306976]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-06-08 60416]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;Sentinel Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-10-02 7765240]
R3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtproscsibus.sys [2015-06-06 30352]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-02-19 57848]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-05-18 434488]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-06-08 18432]
S2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S2 SentinelFilter;SentinelFilter; \??\C:\Users\uzivatel\Downloads\SURFCAM\SURFCAM\crack\SENTINELFILTER.SYS []
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\Windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-06-08 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-06-08 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2015-06-03 54824]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
S3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\drivers\ibmpmdrv.sys [2015-05-12 63464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-08 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-01-06 3709656]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-08 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-06-08 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-08 29696]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-06-08 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-03 28672]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-04-06 3993088]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-04-14 1074448]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-04-06 593880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-06-08 27136]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2015-09-23 4665168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-24 31040]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-06-08 27136]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
R2 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-03-02 6942480]
R2 vToolbarUpdater40.2.9;vToolbarUpdater40.2.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe [2016-04-12 1964616]
R3 Disc Soft Pro Bus Service;Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [2015-02-27 1267984]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 BugreportW;BugreportW; C:\Program Files (x86)\hohobnd\gredity.exe [2016-04-20 988904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-04-06 638456]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-09-15 1471352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-14 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-06-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, I'M PLAGUED BY JUNK

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

koumar
Visitor
Posts: 38
Joined: 20 Jun 2007 19:05

Re: Please check, I'M PLAGUED BY JUNK

#3 Post by koumar »

# AdwCleaner v5.112 - Log soubor vytvořen 23/04/2016 o 20:58:29
# Aktualizováno 17/04/2016 by Xplode
# Databáze : 2016-04-19.5 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Jméno uživatele : uzivatel - HP-PC
# Spuštěno z : C:\Users\uzivatel\Desktop\adwcleaner_5.112.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

[-] Služba smazáno : WtuSystemSupport
[-] Služba smazáno : BugreportW
[-] Služba smazáno : vToolbarUpdater40.2.9

***** [ Složky ] *****

[-] Složka smazáno : C:\Program Files (x86)\TNT2
[-] Složka smazáno : C:\Program Files (x86)\avg web tuneup
[-] Složka smazáno : C:\Program Files (x86)\SrpnFiles
[-] Složka smazáno : C:\Program Files (x86)\hohobnd
[-] Složka smazáno : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Složka smazáno : C:\Program Files\Common Files\AVG Secure Search
[-] Složka smazáno : C:\ProgramData\AVG Secure Search
[-] Složka smazáno : C:\ProgramData\AVG Security Toolbar
[-] Složka smazáno : C:\ProgramData\avg web tuneup
[#] Složka smazáno : C:\ProgramData\Application Data\AVG Secure Search
[#] Složka smazáno : C:\ProgramData\Application Data\AVG Security Toolbar
[#] Složka smazáno : C:\ProgramData\Application Data\avg web tuneup
[-] Složka smazáno : C:\Users\uzivatel\AppData\Local\TNT2
[-] Složka smazáno : C:\Users\uzivatel\AppData\Local\avg web tuneup
[-] Složka smazáno : C:\Users\uzivatel\AppData\Roaming\SpringFiles
[-] Složka smazáno : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\YourGSearchFinder_br

***** [ Soubory ] *****

[-] Soubor smazáno : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\Avg@toolbar.xpi
[-] Soubor smazáno : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\avg-secure-search.xml
[-] Soubor smazáno : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\dd1b66d4.xml
[-] Soubor smazáno : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\8szmynjw.default\extensions\Avg@toolbar.xpi
[-] Soubor smazáno : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\8szmynjw.default\searchplugins\avg-secure-search.xml
[-] Soubor smazáno : C:\Windows\SysWOW64\Utils.dll

***** [ DLLs ] *****


***** [ Zástupci ] *****

[-] Zástupce odvirováno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (3).lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
[-] Zástupce odvirováno : C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Klávesa smazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Klávesa smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klávesa smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klávesa smazáno : HKCU\Software\APN PIP
[-] Klávesa smazáno : HKCU\Software\distromatic
[-] Klávesa smazáno : HKCU\Software\TNT2
[-] Klávesa smazáno : HKLM\SOFTWARE\PIP
[-] Klávesa smazáno : HKLM\SOFTWARE\AVG Tuneup
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2469228505-3341620947-3942848176-1000\Software\TNT2
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-2469228505-3341620947-3942848176-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Obnoveno : HKU\S-1-5-21-2469228505-3341620947-3942848176-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Hodnota smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Webové prohlížeče ] *****

[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\8szmynjw.default\prefs.js] smazáno : user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{16ca32c3-403c-4cfa-9965-447a17690782}\",\"mid\":\"221c50374c4847cd94efb57816e218af-[...]
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{16ca32c3-403c-4cfa-9965-447a17690782}\",\"mid\":\"221c50374c4847cd94efb57816e218af-[...]
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.newtab.url", "hxxp://www.hohosearch.com/?ts=AHEqAH4rCHMoBU.. ... ode=ffseng");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.defaultenginename", "hohosearch");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.defaultenginename.US", "data:text/plain,browser.search.defaultenginename.US=hohosearch");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.hiddenOneOffs", "DuckDuckGo,Heuréka,hohosearch");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.searchengine.hp", "hxxp://www.hohosearch.com/?ts=AHEqAH4rCHMoBU.. ... =ffsengext");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.searchengine.sp", "hxxp://www.hohosearch.com/chrome.php?mode=ffse ... v=20160419");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.hohosearch.com/chrome.php?mode=ffse ... v=20160419");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("browser.search.selectedEngine", "hohosearch");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE", "[{\"b\":224520315,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224520316,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.browser.version.last", "45.0");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.firstKnownVersion", "7.38.8.45986");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.homepage", "/index.jhtml?n=782a5c25");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.hp.enabled", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.hp.guardType", "HPR");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.initialized", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.installation.installDate", "2016042021");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.installation.success", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.lastActivePing", "1461418742582");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.lastKnownVersion", "7.38.8.45986");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.lssState", "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.options.defaultSearch", false);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.options.homePageEnabled", false);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.options.keywordEnabled", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.options.tabEnabled", false);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.language", "en");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.productDeliveryOption.type", "Toolbar");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "hxxp://www.hohosearch.com/chrome.php?uid=14846 ... ttoolbar&q[...]
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.toolbarCollapsed", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._brMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._brMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\uzivatel\\\\AppData\[...]
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark.lastInstalled", "yourGSearchfinder@GSearch.com");
[-] [C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] smazáno : user_pref("keyword.URL", "hxxp://www.hohosearch.com/chrome.php?uid=14846 ... toolbar&q=");

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [15809 bytes] - [23/04/2016 20:58:29]
C:\AdwCleaner\AdwCleaner[S1].txt - [17251 bytes] - [23/04/2016 20:56:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15957 bytes] ##########

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, junk is bothering me

#4 Post by Rudy »

Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reopened, write to me at the e-mail address above.

koumar
Visitor
Posts: 38
Joined: 20 Jun 2007 19:05

Re: Please check, junk is bothering me

#5 Post by koumar »

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2016-04-23 21:10:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 144 GB (47%) free of 305 GB
Total RAM: 2991 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:10:09, on 23.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10684 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-da9a-f050c9fea441 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 4389328
\??\C:\Windows\system32\conhost.exe "557751710-310746745-1664380-1278483055-1261413686-13936855844548679862015560731
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C1].txt
"C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
/TRAYONLY
/fmw.trayonly
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sECSQLEXPRESS
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
ctfmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
C:\Windows\system32\wbem\wmiprvse.exe
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\uzivatel\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "undefined://undefined/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-18 2927928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-04-06 32528]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-04-14 186640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-04-23 20:56:35 ----D---- C:\AdwCleaner
2016-04-23 18:04:03 ----D---- C:\Program Files\trend micro
2016-04-23 18:04:02 ----D---- C:\rsit
2016-04-21 15:21:47 ----A---- C:\Windows\cimlicmanager.INI
2016-04-21 13:32:40 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-04-21 13:32:40 ----A---- C:\Windows\SYSWOW64\bgsserv.exe
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsrespt.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsrespl.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresit.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresfr.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsreses.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresda.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsview.exe
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsresen.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsresde.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsmsnd.exe
2016-04-21 13:32:37 ----A---- C:\Windows\SYSWOW64\bgstb.dll
2016-04-21 13:32:37 ----A---- C:\Windows\SYSWOW64\bgscapi.dll
2016-04-21 13:32:36 ----A---- C:\Windows\SYSWOW64\bgsofice.dll
2016-04-21 13:32:36 ----A---- C:\Windows\system32\bgspm64.dll
2016-04-21 13:31:56 ----D---- C:\ProgramData\Cimatron
2016-04-21 13:31:56 ----D---- C:\Cimatron_Documents
2016-04-21 13:23:57 ----D---- C:\Program Files\Cimatron
2016-04-21 13:23:16 ----A---- C:\Windows\system32\hasplms.exe
2016-04-21 13:21:54 ----A---- C:\Windows\SYSWOW64\hlvdd.dll
2016-04-21 13:19:17 ----SHD---- C:\Config.Msi
2016-04-20 22:47:59 ----SHD---- C:\$RECYCLE.BIN
2016-04-20 22:47:09 ----A---- C:\ComboFix.txt
2016-04-20 21:36:16 ----A---- C:\Windows\zip.exe
2016-04-20 21:36:16 ----A---- C:\Windows\SWSC.exe
2016-04-20 21:36:16 ----A---- C:\Windows\SWREG.exe
2016-04-20 21:36:16 ----A---- C:\Windows\sed.exe
2016-04-20 21:36:16 ----A---- C:\Windows\PEV.exe
2016-04-20 21:36:16 ----A---- C:\Windows\NIRCMD.exe
2016-04-20 21:36:16 ----A---- C:\Windows\MBR.exe
2016-04-20 21:36:16 ----A---- C:\Windows\grep.exe
2016-04-20 21:35:21 ----D---- C:\Qoobox
2016-04-20 21:34:25 ----D---- C:\Windows\erdnt
2016-04-20 21:14:24 ----D---- C:\Program Files (x86)\Lnspmekiing
2016-04-20 21:14:24 ----D---- C:\Program Files (x86)\Busirekesp
2016-04-14 21:38:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-04-12 22:12:54 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-12 22:12:54 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-12 22:12:54 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-12 22:12:42 ----A---- C:\Windows\system32\rpcss.dll
2016-04-12 22:12:41 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-12 22:12:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-12 22:12:41 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-12 22:12:41 ----A---- C:\Windows\system32\msxml3.dll
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-12 22:12:35 ----A---- C:\Windows\system32\ole32.dll
2016-04-12 22:12:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\winsrv.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\smss.exe
2016-04-12 22:12:34 ----A---- C:\Windows\system32\schannel.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-12 22:12:34 ----A---- C:\Windows\system32\ntdll.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\kernel32.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\kerberos.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\certcli.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\advapi32.dll
2016-04-12 22:12:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-12 22:12:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64win.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wdigest.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\sspicli.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\srcore.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\srclient.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\secur32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\rstrui.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\lsass.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-12 22:12:32 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-12 22:12:32 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\credssp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\conhost.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\auditpol.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidapi.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\msobjs.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\msaudite.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\adtschema.dll
2016-04-12 22:12:19 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-12 22:12:18 ----A---- C:\Windows\system32\win32k.sys
2016-04-12 22:12:15 ----A---- C:\Windows\system32\tbs.dll
2016-04-12 22:12:15 ----A---- C:\Windows\system32\fveapi.dll
2016-04-12 22:12:14 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-12 22:12:14 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\invagent.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\generaltel.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\devinv.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-12 22:12:01 ----A---- C:\Windows\system32\appraiser.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\aepic.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\aeinv.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\acmigration.dll
2016-04-12 22:11:58 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-12 22:11:58 ----A---- C:\Windows\system32\samsrv.dll
2016-04-12 22:11:58 ----A---- C:\Windows\system32\samlib.dll
2016-04-12 22:11:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-12 22:11:48 ----A---- C:\Windows\system32\tzres.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\inseng.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\iernonce.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-12 22:11:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\urlmon.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\occache.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-12 22:11:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-12 22:11:32 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-12 22:11:32 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-12 22:11:31 ----A---- C:\Windows\system32\iesetup.dll
2016-04-12 22:11:31 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-12 22:11:30 ----A---- C:\Windows\system32\vbscript.dll
2016-04-12 22:11:30 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-12 22:11:30 ----A---- C:\Windows\system32\iertutil.dll
2016-04-12 22:11:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\ieui.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\ieframe.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\webcheck.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\jscript.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-12 22:11:26 ----A---- C:\Windows\system32\wininet.dll
2016-04-12 22:11:26 ----A---- C:\Windows\system32\jscript9.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\msrating.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\mshtml.dll
2016-03-28 12:26:52 ----SHD---- C:\Windows\ftpcache
2016-03-28 12:26:28 ----A---- C:\Windows\system32\HPSIsvc.exe
2016-03-28 12:19:55 ----A---- C:\Windows\system32\HP1100SM.EXE
2016-03-28 12:19:55 ----A---- C:\Windows\system32\HP1100LM.DLL
2016-03-28 12:19:36 ----A---- C:\Windows\system32\mvhlewsi.dll
2016-03-28 12:19:33 ----D---- C:\Program Files\HP
2016-03-28 12:19:32 ----A---- C:\Windows\system32\HP1100SMs.dll

======List of files/folders modified in the last 1 month======

2016-04-23 21:06:04 ----D---- C:\Windows\Prefetch
2016-04-23 21:05:42 ----D---- C:\Windows\System32
2016-04-23 21:05:42 ----D---- C:\Windows\inf
2016-04-23 21:05:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-23 21:00:38 ----D---- C:\Windows\SysWOW64
2016-04-23 21:00:32 ----D---- C:\Windows\Temp
2016-04-23 20:58:34 ----D---- C:\ProgramData
2016-04-23 20:58:34 ----D---- C:\Program Files\Common Files
2016-04-23 20:58:34 ----D---- C:\Program Files (x86)\Common Files
2016-04-23 20:58:33 ----RD---- C:\Program Files (x86)
2016-04-23 19:33:42 ----D---- C:\ProgramData\MFAData
2016-04-23 18:04:03 ----RD---- C:\Program Files
2016-04-21 22:20:00 ----D---- C:\Windows\system32\config
2016-04-21 21:11:38 ----D---- C:\Program Files (x86)\TeamViewer
2016-04-21 21:06:17 ----SHD---- C:\System Volume Information
2016-04-21 20:40:58 ----D---- C:\Windows
2016-04-21 15:48:29 ----D---- C:\Windows\system32\drivers
2016-04-21 15:48:26 ----D---- C:\Windows\system32\DriverStore
2016-04-21 15:24:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 13:32:22 ----SHD---- C:\Windows\Installer
2016-04-21 13:32:14 ----RSD---- C:\Windows\Fonts
2016-04-21 13:23:25 ----D---- C:\Windows\system32\Setup
2016-04-21 13:20:37 ----D---- C:\ProgramData\Package Cache
2016-04-20 22:34:02 ----A---- C:\Windows\system.ini
2016-04-20 22:26:43 ----D---- C:\Windows\SYSWOW64\drivers
2016-04-20 22:26:43 ----D---- C:\Windows\AppPatch
2016-04-20 21:51:21 ----D---- C:\Windows\system32\drivers\etc
2016-04-20 21:45:21 ----D---- C:\Windows\Downloaded Program Files
2016-04-20 21:15:59 ----D---- C:\Windows\system32\Tasks
2016-04-20 20:58:08 ----D---- C:\ProgramData\SafeNet Sentinel
2016-04-20 20:35:47 ----A---- C:\Windows\SCAux.INI
2016-04-20 20:29:33 ----A---- C:\Windows\ODBC.INI
2016-04-20 08:41:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 14:33:38 ----D---- C:\Windows\system32\wdi
2016-04-13 04:23:58 ----D---- C:\Windows\rescache
2016-04-13 03:45:27 ----D---- C:\Windows\Microsoft.NET
2016-04-13 03:44:49 ----RSD---- C:\Windows\assembly
2016-04-13 03:35:44 ----D---- C:\Windows\winsxs
2016-04-13 03:31:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-04-13 03:31:12 ----D---- C:\Windows\system32\en-US
2016-04-13 03:31:12 ----D---- C:\Windows\system32\cs-CZ
2016-04-13 03:31:11 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-13 03:31:11 ----D---- C:\Windows\system32\wbem
2016-04-13 03:31:11 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-04-13 03:31:11 ----D---- C:\Windows\system32\Boot
2016-04-13 03:31:10 ----D---- C:\Windows\system32\appraiser
2016-04-13 03:31:10 ----D---- C:\Windows\Logs
2016-04-13 03:31:08 ----D---- C:\Program Files\Internet Explorer
2016-04-13 03:31:07 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-13 03:31:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-13 03:10:05 ----D---- C:\Windows\system32\MRT
2016-04-13 03:04:29 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 03:02:18 ----D---- C:\Windows\system32\catroot2
2016-04-04 03:03:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-04-04 03:00:56 ----SD---- C:\Windows\SYSWOW64\GWX
2016-04-04 03:00:56 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-26 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-03-07 246560]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-03-08 71456]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-24 633704]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-24 28008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-08 213848]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-06-06 381608]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-02-16 162592]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-03-08 306976]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-06-08 60416]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;Sentinel Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-10-02 7765240]
R3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtproscsibus.sys [2015-06-06 30352]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-02-19 57848]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-05-18 434488]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-06-08 18432]
S2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S2 SentinelFilter;SentinelFilter; \??\C:\Users\uzivatel\Downloads\SURFCAM\SURFCAM\crack\SENTINELFILTER.SYS []
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\Windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-06-08 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-06-08 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2015-06-03 54824]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
S3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\drivers\ibmpmdrv.sys [2015-05-12 63464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-08 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-01-06 3709656]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-08 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-06-08 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-08 29696]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-06-08 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-03 28672]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-04-06 3993088]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-04-14 1074448]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-04-06 593880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-06-08 27136]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2015-09-23 4665168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-24 31040]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-06-08 27136]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
R2 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-03-02 6942480]
R3 Disc Soft Pro Bus Service;Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [2015-02-27 1267984]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-04-06 638456]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-09-15 1471352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-14 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-06-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, JUNK IS BOTHERING ME

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan, then restart the PC after it and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

koumar
Visitor
Posts: 38
Registered: 20 Jun 2007 19:05

Re: Please check, JUNK IS BOTHERING ME

#7 Post by koumar »

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2016-04-23 22:37:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 144 GB (47%) free of 305 GB
Total RAM: 2991 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:37:16, on 23.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Security Runtime (SentinelSecurityRuntime) - SafeNet, Inc. - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10787 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-4360-b46692c1f439 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 30383584
\??\C:\Windows\system32\conhost.exe "-668860959726511971-2124088147-871359058-8112772061306385202-1617677371669482154
C:\Windows\System32\spoolsv.exe
taskeng.exe {BA347388-5503-45B8-B2E7-50D7A0BC0587}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\hasplms.exe -run
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sECSQLEXPRESS
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
/TRAYONLY
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
/fmw.trayonly
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe"
ctfmon.exe
"C:\Users\uzivatel\Downloads\RSITx64.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "undefined://undefined/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-18 2927928]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-04-06 32528]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-04-14 186640]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-04-23 22:29:46 ----D---- C:\_OTM
2016-04-23 20:56:35 ----D---- C:\AdwCleaner
2016-04-23 18:04:03 ----D---- C:\Program Files\trend micro
2016-04-23 18:04:02 ----D---- C:\rsit
2016-04-21 15:21:47 ----A---- C:\Windows\cimlicmanager.INI
2016-04-21 13:32:40 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-04-21 13:32:40 ----A---- C:\Windows\SYSWOW64\bgsserv.exe
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsrespt.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsrespl.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresit.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresfr.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsreses.dll
2016-04-21 13:32:39 ----A---- C:\Windows\SYSWOW64\bgsresda.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsview.exe
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsresen.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsresde.dll
2016-04-21 13:32:38 ----A---- C:\Windows\SYSWOW64\bgsmsnd.exe
2016-04-21 13:32:37 ----A---- C:\Windows\SYSWOW64\bgstb.dll
2016-04-21 13:32:37 ----A---- C:\Windows\SYSWOW64\bgscapi.dll
2016-04-21 13:32:36 ----A---- C:\Windows\SYSWOW64\bgsofice.dll
2016-04-21 13:32:36 ----A---- C:\Windows\system32\bgspm64.dll
2016-04-21 13:31:56 ----D---- C:\ProgramData\Cimatron
2016-04-21 13:31:56 ----D---- C:\Cimatron_Documents
2016-04-21 13:23:57 ----D---- C:\Program Files\Cimatron
2016-04-21 13:23:16 ----A---- C:\Windows\system32\hasplms.exe
2016-04-21 13:21:54 ----A---- C:\Windows\SYSWOW64\hlvdd.dll
2016-04-21 13:19:17 ----SHD---- C:\Config.Msi
2016-04-20 22:47:59 ----SHD---- C:\$RECYCLE.BIN
2016-04-20 22:47:09 ----A---- C:\ComboFix.txt
2016-04-20 21:36:16 ----A---- C:\Windows\zip.exe
2016-04-20 21:36:16 ----A---- C:\Windows\SWSC.exe
2016-04-20 21:36:16 ----A---- C:\Windows\SWREG.exe
2016-04-20 21:36:16 ----A---- C:\Windows\sed.exe
2016-04-20 21:36:16 ----A---- C:\Windows\PEV.exe
2016-04-20 21:36:16 ----A---- C:\Windows\NIRCMD.exe
2016-04-20 21:36:16 ----A---- C:\Windows\MBR.exe
2016-04-20 21:36:16 ----A---- C:\Windows\grep.exe
2016-04-20 21:35:21 ----D---- C:\Qoobox
2016-04-20 21:34:25 ----D---- C:\Windows\erdnt
2016-04-20 21:14:24 ----D---- C:\Program Files (x86)\Lnspmekiing
2016-04-20 21:14:24 ----D---- C:\Program Files (x86)\Busirekesp
2016-04-14 21:38:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-04-12 22:12:54 ----A---- C:\Windows\SYSWOW64\mtxoci.dll
2016-04-12 22:12:54 ----A---- C:\Windows\SYSWOW64\msorcl32.dll
2016-04-12 22:12:54 ----A---- C:\Windows\system32\mtxoci.dll
2016-04-12 22:12:42 ----A---- C:\Windows\system32\rpcss.dll
2016-04-12 22:12:41 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2016-04-12 22:12:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2016-04-12 22:12:41 ----A---- C:\Windows\system32\msxml3r.dll
2016-04-12 22:12:41 ----A---- C:\Windows\system32\msxml3.dll
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ole32.dll
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-04-12 22:12:35 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-04-12 22:12:35 ----A---- C:\Windows\system32\ole32.dll
2016-04-12 22:12:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-04-12 22:12:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\winsrv.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\smss.exe
2016-04-12 22:12:34 ----A---- C:\Windows\system32\schannel.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-12 22:12:34 ----A---- C:\Windows\system32\ntdll.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\kernel32.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\kerberos.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-12 22:12:34 ----A---- C:\Windows\system32\certcli.dll
2016-04-12 22:12:34 ----A---- C:\Windows\system32\advapi32.dll
2016-04-12 22:12:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-04-12 22:12:33 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 22:12:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-04-12 22:12:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64win.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64cpu.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wow64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\wdigest.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\sspicli.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\srcore.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\srclient.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\secur32.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\rstrui.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\ntvdm64.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\lsass.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-12 22:12:32 ----A---- C:\Windows\system32\drivers\appid.sys
2016-04-12 22:12:32 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\credssp.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\conhost.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\auditpol.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidsvc.dll
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-04-12 22:12:32 ----A---- C:\Windows\system32\appidapi.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 22:12:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\user.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\msobjs.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\msaudite.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-12 22:12:31 ----A---- C:\Windows\system32\adtschema.dll
2016-04-12 22:12:19 ----A---- C:\Windows\system32\drivers\disk.sys
2016-04-12 22:12:18 ----A---- C:\Windows\system32\win32k.sys
2016-04-12 22:12:15 ----A---- C:\Windows\system32\tbs.dll
2016-04-12 22:12:15 ----A---- C:\Windows\system32\fveapi.dll
2016-04-12 22:12:14 ----A---- C:\Windows\SYSWOW64\tbs.dll
2016-04-12 22:12:14 ----A---- C:\Windows\system32\fveapibase.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\invagent.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\generaltel.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\devinv.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-04-12 22:12:01 ----A---- C:\Windows\system32\appraiser.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\aepic.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\aeinv.dll
2016-04-12 22:12:01 ----A---- C:\Windows\system32\acmigration.dll
2016-04-12 22:11:58 ----A---- C:\Windows\SYSWOW64\samlib.dll
2016-04-12 22:11:58 ----A---- C:\Windows\system32\samsrv.dll
2016-04-12 22:11:58 ----A---- C:\Windows\system32\samlib.dll
2016-04-12 22:11:48 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-04-12 22:11:48 ----A---- C:\Windows\system32\tzres.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-04-12 22:11:35 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\inseng.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\iernonce.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-04-12 22:11:35 ----A---- C:\Windows\system32\ie4uinit.exe
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-12 22:11:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-04-12 22:11:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-04-12 22:11:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\urlmon.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\occache.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-04-12 22:11:33 ----A---- C:\Windows\system32\iedkcs32.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-04-12 22:11:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-04-12 22:11:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-12 22:11:32 ----A---- C:\Windows\system32\msfeeds.dll
2016-04-12 22:11:32 ----A---- C:\Windows\system32\dxtrans.dll
2016-04-12 22:11:31 ----A---- C:\Windows\system32\iesetup.dll
2016-04-12 22:11:31 ----A---- C:\Windows\system32\ieapfltr.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-04-12 22:11:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-04-12 22:11:30 ----A---- C:\Windows\system32\vbscript.dll
2016-04-12 22:11:30 ----A---- C:\Windows\system32\jsproxy.dll
2016-04-12 22:11:30 ----A---- C:\Windows\system32\iertutil.dll
2016-04-12 22:11:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\ieui.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\ieframe.dll
2016-04-12 22:11:28 ----A---- C:\Windows\system32\dxtmsft.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\webcheck.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\mshtmled.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\jscript9diag.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\jscript.dll
2016-04-12 22:11:27 ----A---- C:\Windows\system32\ieUnatt.exe
2016-04-12 22:11:26 ----A---- C:\Windows\system32\wininet.dll
2016-04-12 22:11:26 ----A---- C:\Windows\system32\jscript9.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\msrating.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-04-12 22:11:25 ----A---- C:\Windows\system32\mshtml.dll
2016-03-28 12:26:52 ----SHD---- C:\Windows\ftpcache
2016-03-28 12:26:28 ----A---- C:\Windows\system32\HPSIsvc.exe
2016-03-28 12:19:55 ----A---- C:\Windows\system32\HP1100SM.EXE
2016-03-28 12:19:55 ----A---- C:\Windows\system32\HP1100LM.DLL
2016-03-28 12:19:36 ----A---- C:\Windows\system32\mvhlewsi.dll
2016-03-28 12:19:33 ----D---- C:\Program Files\HP
2016-03-28 12:19:32 ----A---- C:\Windows\system32\HP1100SMs.dll

======List of files/folders modified in the last 1 month======

2016-04-23 22:35:50 ----D---- C:\Windows\Prefetch
2016-04-23 22:35:24 ----D---- C:\Windows\Temp
2016-04-23 22:34:47 ----D---- C:\Windows\SysWOW64
2016-04-23 22:33:14 ----D---- C:\Windows\system32\config
2016-04-23 21:05:42 ----D---- C:\Windows\System32
2016-04-23 21:05:42 ----D---- C:\Windows\inf
2016-04-23 21:05:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-23 20:58:34 ----D---- C:\ProgramData
2016-04-23 20:58:34 ----D---- C:\Program Files\Common Files
2016-04-23 20:58:34 ----D---- C:\Program Files (x86)\Common Files
2016-04-23 20:58:33 ----RD---- C:\Program Files (x86)
2016-04-23 19:33:42 ----D---- C:\ProgramData\MFAData
2016-04-23 18:04:03 ----RD---- C:\Program Files
2016-04-21 21:11:38 ----D---- C:\Program Files (x86)\TeamViewer
2016-04-21 21:06:17 ----SHD---- C:\System Volume Information
2016-04-21 20:40:58 ----D---- C:\Windows
2016-04-21 15:48:29 ----D---- C:\Windows\system32\drivers
2016-04-21 15:48:26 ----D---- C:\Windows\system32\DriverStore
2016-04-21 15:24:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 13:32:22 ----SHD---- C:\Windows\Installer
2016-04-21 13:32:14 ----RSD---- C:\Windows\Fonts
2016-04-21 13:23:25 ----D---- C:\Windows\system32\Setup
2016-04-21 13:20:37 ----D---- C:\ProgramData\Package Cache
2016-04-20 22:34:02 ----A---- C:\Windows\system.ini
2016-04-20 22:26:43 ----D---- C:\Windows\SYSWOW64\drivers
2016-04-20 22:26:43 ----D---- C:\Windows\AppPatch
2016-04-20 21:51:21 ----D---- C:\Windows\system32\drivers\etc
2016-04-20 21:45:21 ----D---- C:\Windows\Downloaded Program Files
2016-04-20 21:15:59 ----D---- C:\Windows\system32\Tasks
2016-04-20 20:58:08 ----D---- C:\ProgramData\SafeNet Sentinel
2016-04-20 20:35:47 ----A---- C:\Windows\SCAux.INI
2016-04-20 20:29:33 ----A---- C:\Windows\ODBC.INI
2016-04-20 08:41:06 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 14:33:38 ----D---- C:\Windows\system32\wdi
2016-04-13 04:23:58 ----D---- C:\Windows\rescache
2016-04-13 03:45:27 ----D---- C:\Windows\Microsoft.NET
2016-04-13 03:44:49 ----RSD---- C:\Windows\assembly
2016-04-13 03:35:44 ----D---- C:\Windows\winsxs
2016-04-13 03:31:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-04-13 03:31:12 ----D---- C:\Windows\system32\en-US
2016-04-13 03:31:12 ----D---- C:\Windows\system32\cs-CZ
2016-04-13 03:31:11 ----D---- C:\Windows\SYSWOW64\wbem
2016-04-13 03:31:11 ----D---- C:\Windows\system32\wbem
2016-04-13 03:31:11 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-04-13 03:31:11 ----D---- C:\Windows\system32\Boot
2016-04-13 03:31:10 ----D---- C:\Windows\system32\appraiser
2016-04-13 03:31:10 ----D---- C:\Windows\Logs
2016-04-13 03:31:08 ----D---- C:\Program Files\Internet Explorer
2016-04-13 03:31:07 ----D---- C:\Windows\SYSWOW64\en-US
2016-04-13 03:31:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-13 03:10:05 ----D---- C:\Windows\system32\MRT
2016-04-13 03:04:29 ----A---- C:\Windows\system32\MRT.exe
2016-04-13 03:02:18 ----D---- C:\Windows\system32\catroot2
2016-04-04 03:03:31 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2016-04-04 03:00:56 ----SD---- C:\Windows\SYSWOW64\GWX
2016-04-04 03:00:56 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-26 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-03-07 246560]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-03-08 71456]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-24 633704]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-24 28008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-08 213848]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-06-06 381608]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-02-16 162592]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-03-08 306976]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-06-08 60416]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;Sentinel Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-10-02 7765240]
R3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtproscsibus.sys [2015-06-06 30352]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-02-19 57848]
R3 int0800;Intel 28F320C3 Flash Update Device Driver v6.4; C:\Windows\system32\DRIVERS\flashud.sys [2009-09-09 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-05-18 434488]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-06-08 18432]
S2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys []
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS []
S2 SentinelFilter;SentinelFilter; \??\C:\Users\uzivatel\Downloads\SURFCAM\SURFCAM\crack\SENTINELFILTER.SYS []
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;SafeNet Inc. Sentinel HL Key; C:\Windows\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-06-08 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-06-08 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2015-06-03 54824]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-07-14 344616]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
S3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\drivers\ibmpmdrv.sys [2015-05-12 63464]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-08 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-04 338536]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2015-01-06 3709656]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2014-06-08 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-06-08 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-06-08 29696]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-06-08 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-03 28672]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-04-06 3993088]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-04-14 1074448]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-04-06 593880]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-29 951584]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-06-08 27136]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2015-09-23 4665168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-08-10 197536]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 127800]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-24 31040]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 MSSQL$ECSQLEXPRESS;SQL Server (ECSQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-13 769432]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-06-08 27136]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
R2 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
R2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 153952]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-03-02 6942480]
R3 Disc Soft Pro Bus Service;Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [2015-02-27 1267984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-04-06 638456]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-09-15 1471352]
S3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-14 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-06-02 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, JUNK IS BOTHERING ME

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

koumar
Visitor
Posts: 38
Registered: 20 Jun 2007 19:05

Re: Please check, JUNK IS BOTHERING ME

#9 Post by koumar »

So far it looks fine.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, JUNK IS BOTHERING ME

#10 Post by Rudy »

Glad to hear it! :)

koumar
Visitor
Posts: 38
Registered: 20 Jun 2007 19:05

Re: Please check, JUNK IS BOTHERING ME

#11 Post by koumar »

Thank you very much, I'll send a reward.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, JUNK IS BOTHERING ME

#12 Post by Rudy »

Thank you for the support, and you're welcome! :)