Slow laptop

Have a virus problem? Post your FRST or RSIT log here.

Misel1
Visitor
Posts: 100
Registered: 08 Jul 2005 07:19

#1 Post by Misel1 »

Hi,
please check my log. The laptop is slow.
CPU runs at 35%, RAM is about 40% used...
thanks

Logfile of random's system information tool 1.10 (written by random/random)
Run by B-CENTRUM at 2016-05-19 08:57:54
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 617 GB (88%) free of 701 GB
Total RAM: 8066 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:58:02, on 19.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\trend micro\B-CENTRUM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1201689258-1509952851-1086272638-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1201689258-1509952851-1086272638-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - S-1-5-21-1201689258-1509952851-1086272638-1000 User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'UpdatusUser')
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Invincea Enterprise Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\o2flash.exe (file missing)
O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) - Dell, Inc. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
O23 - Service: postgresql-9.2 - PostgreSQL Server 9.2 (postgresql-9.2) - PostgreSQL Global Development Group - C:/PostgreSQL/9.2/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SboxSvc - Unknown owner - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13958 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 24318384
\??\C:\Windows\system32\conhost.exe "-101810965-252203464-1010054209-785760724-526530871-2060782810-916484936315247014
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {A3380988-3870-46DA-9884-7FD398DD5770}
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\system32\o2flash.exe
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe"
C:/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-9.2" -D "C:/Program Files (x86)/PostgreSQL/9.2/data" -w
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:/PostgreSQL/9.2/bin/postgres.exe -D "C:/Program Files (x86)/PostgreSQL/9.2/data"
\??\C:\Windows\system32\conhost.exe "1881323053-18559698-5480585181650852109-1190516184588684995524820312708268018
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forklog" "1084" "1080"
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {4FE6B309-10BC-4BF8-BB12-DB076D0B1473}
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe"
"C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Windows\system32\GWX\GWX.exe"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "1236" "-x4"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "1252" "-x3"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "1236" "-x5"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkavlauncher" "1252"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkcol" "1236"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
taskeng.exe {BEF1B154-09E2-4F14-9B28-DBC6263656C0}
"C:\Program Files (x86)\Glary Utilities 5\Integrator.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-1331721322393158480-828229344568072630-468036901-15047809711980153933804965696
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
C:\Windows\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\B-CENTRUM\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1201689258-1509952851-1086272638-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1201689258-1509952851-1086272638-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\B-CENTRUM\AppData\Roaming\Mozilla\Firefox\Profiles\93c7nndk.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN

C:\Users\B-CENTRUM\AppData\Roaming\Mozilla\Firefox\Profiles\93c7nndk.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29 2134648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-09 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-09 398616]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-01-25 2041192]
"TdmNotify"=C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [2013-03-05 371024]
"DFEPApplication"=C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [2012-08-15 7077432]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-07-08 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"=C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2016-05-16 43984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-02-22 292088]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-11-13 134616]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-07 56128]
"kbdsprt"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-01 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2012-08-17 2307944]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-19 08:57:55 ----D---- C:\Program Files\trend micro
2016-05-19 08:57:54 ----D---- C:\rsit
2016-05-19 08:47:11 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-19 08:46:47 ----D---- C:\Windows\PCHEALTH
2016-05-19 08:46:47 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-05-19 08:45:51 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2016-05-19 08:44:54 ----D---- C:\Program Files\Microsoft Office
2016-05-19 08:43:10 ----RHD---- C:\MSOCache
2016-05-18 17:52:15 ----N---- C:\bootsqm.dat
2016-05-18 17:27:28 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\GlarySoft
2016-05-18 17:27:28 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\DiskDefrag
2016-05-18 17:27:28 ----A---- C:\Windows\system32\drivers\GUBootStartup.sys
2016-05-18 17:27:20 ----D---- C:\Program Files (x86)\Glary Utilities 5
2016-05-13 17:29:36 ----A---- C:\Windows\system32\win32k.sys
2016-05-13 17:29:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-05-13 17:29:35 ----A---- C:\Windows\system32\tzres.dll
2016-05-13 17:29:34 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-13 17:29:34 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-13 17:29:34 ----A---- C:\Windows\system32\cdd.dll
2016-05-13 17:29:33 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-13 17:29:33 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-13 17:29:33 ----A---- C:\Windows\system32\gdi32.dll
2016-05-13 17:29:33 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-13 17:29:31 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-13 17:29:29 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-05-13 17:29:29 ----A---- C:\Windows\system32\InkEd.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-05-13 17:29:25 ----A---- C:\Windows\system32\iernonce.dll
2016-05-13 17:29:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\inseng.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\urlmon.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\occache.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-13 17:29:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\iesetup.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\dxtrans.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-05-13 17:29:21 ----A---- C:\Windows\system32\vbscript.dll
2016-05-13 17:29:21 ----A---- C:\Windows\system32\jsproxy.dll
2016-05-13 17:29:21 ----A---- C:\Windows\system32\iertutil.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\mshtmled.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\ieui.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\ieframe.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\wininet.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\webcheck.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript9.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\ieUnatt.exe
2016-05-13 17:29:18 ----A---- C:\Windows\system32\msrating.dll
2016-05-13 17:29:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-05-13 17:29:18 ----A---- C:\Windows\system32\mshtml.dll
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-13 17:28:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\kerberos.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64win.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\winsrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wdigest.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\sspicli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\srcore.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\srclient.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\smss.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\schannel.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\secur32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\rstrui.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ntdll.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\lsass.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\kernel32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\credssp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\conhost.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\certcli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\auditpol.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidapi.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\advapi32.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\msobjs.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\msaudite.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\adtschema.dll
2016-05-13 17:28:53 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-13 17:28:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-04 21:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-05-19 08:58:02 ----D---- C:\Windows\Prefetch
2016-05-19 08:57:56 ----D---- C:\Windows\Temp
2016-05-19 08:57:55 ----RD---- C:\Program Files
2016-05-19 08:57:26 ----D---- C:\Windows\system32\Tasks
2016-05-19 08:56:49 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\Skype
2016-05-19 08:55:01 ----D---- C:\Windows\system32\config
2016-05-19 08:54:15 ----D---- C:\ProgramData\NVIDIA
2016-05-19 08:53:57 ----D---- C:\Windows
2016-05-19 08:50:18 ----D---- C:\Windows\Microsoft.NET
2016-05-19 08:50:07 ----SHD---- C:\Windows\Installer
2016-05-19 08:50:02 ----RSD---- C:\Windows\assembly
2016-05-19 08:49:42 ----D---- C:\ProgramData\Microsoft Help
2016-05-19 08:47:49 ----RSD---- C:\Windows\Fonts
2016-05-19 08:47:44 ----D---- C:\Windows\ShellNew
2016-05-19 08:47:39 ----D---- C:\Windows\SysWOW64
2016-05-19 08:47:39 ----D---- C:\Program Files (x86)\Common Files
2016-05-19 08:47:23 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-05-19 08:47:11 ----HD---- C:\ProgramData
2016-05-19 08:46:47 ----RD---- C:\Program Files (x86)
2016-05-19 08:46:47 ----D---- C:\Program Files (x86)\Microsoft Office
2016-05-19 08:46:06 ----A---- C:\Windows\win.ini
2016-05-19 08:45:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-05-19 08:43:40 ----SHD---- C:\System Volume Information
2016-05-19 08:42:13 ----D---- C:\Windows\System32
2016-05-19 08:42:13 ----D---- C:\Windows\inf
2016-05-19 08:42:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-19 07:42:12 ----D---- C:\Windows\winsxs
2016-05-18 21:29:28 ----D---- C:\Windows\system32\drivers
2016-05-18 17:35:46 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\TeamViewer
2016-05-18 17:35:28 ----D---- C:\Windows\Minidump
2016-05-18 17:35:28 ----D---- C:\Windows\debug
2016-05-14 13:35:12 ----RD---- C:\Program Files (x86)\Skype
2016-05-14 09:05:10 ----HD---- C:\Windows\system32\WLANProfiles
2016-05-13 23:36:03 ----D---- C:\Windows\system32\appraiser
2016-05-13 17:59:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-13 17:59:14 ----D---- C:\Windows\system32\cs-CZ
2016-05-13 17:59:14 ----D---- C:\Windows\ehome
2016-05-13 17:59:13 ----D---- C:\Program Files\Windows Journal
2016-05-13 17:59:12 ----D---- C:\Program Files\Internet Explorer
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-05-13 17:59:11 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-13 17:59:10 ----D---- C:\Windows\SYSWOW64\en-US
2016-05-13 17:59:10 ----D---- C:\Windows\system32\sk-SK
2016-05-13 17:59:10 ----D---- C:\Windows\system32\pl-PL
2016-05-13 17:59:10 ----D---- C:\Windows\system32\hu-HU
2016-05-13 17:59:10 ----D---- C:\Windows\system32\en-US
2016-05-13 17:59:02 ----D---- C:\Windows\AppPatch
2016-05-13 17:59:01 ----D---- C:\Windows\system32\Boot
2016-05-13 17:52:21 ----D---- C:\Windows\system32\MRT
2016-05-13 17:45:08 ----A---- C:\Windows\system32\MRT.exe
2016-05-13 17:26:26 ----D---- C:\Windows\system32\catroot2
2016-05-13 14:15:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-13 14:15:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-05-13 10:17:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-11 11:33:17 ----D---- C:\ProgramData\PCDr
2016-05-07 03:02:18 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-07 03:02:18 ----SD---- C:\Windows\system32\GWX
2016-04-30 20:36:12 ----D---- C:\ProgramData\SupportAssistAgent
2016-04-21 15:05:02 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2012-05-30 569152]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-01-25 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2016-05-18 20160]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-01-25 284448]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-07-14 168208]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2013-02-21 489264]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-09-11 176096]
R3 dcdbas;System Management Driver; C:\Windows\system32\DRIVERS\dcdbas64.sys [2012-09-23 39016]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-09-11 32464]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-06-16 515440]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-01 14659808]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-11-13 99288]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [2012-04-27 85336]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 68208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2014-07-06 135720]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-07-06 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2014-07-06 615464]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-07-06 184360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-07-06 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2014-07-06 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2014-07-06 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InvProtectDrv;InvProtectDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [2013-07-30 34824]
S3 netvsc;netvsc; C:\Windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]
S3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7x64.sys [2011-01-04 74984]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SboxDrv;SboxDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [2013-07-30 202248]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SynthVid;SynthVid; C:\Windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-22 945440]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-04-29 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-04-29 1773696]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-03-11 2572024]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-03-11 202488]
R2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-04-10 202248]
R2 DFEPService;Dell Feature Enhancement Pack Service; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-08-15 2280504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-07-08 1353720]
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2013-03-11 231792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-06-06 190824]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-13 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-13 390616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-25 884512]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-25 1260320]
R2 O2FLASH;O2FLASH; C:\Windows\system32\o2flash.exe [2011-11-16 244328]
R2 PbaDrvSvc_x64;Dell PBA x64 Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2013-01-21 21504]
R2 postgresql-9.2;postgresql-9.2 - PostgreSQL Server 9.2; C:/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-24 383264]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2016-04-22 31928]
R2 TdmService;TdmService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe [2013-03-05 5159760]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2013-02-26 1773056]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-01-29 327296]
S2 tcsd_win32.exe;SI TSS v1.2.1.41 TCS; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [2012-05-11 1643520]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-09 276248]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-04-23 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 InvProtectSvc;Invincea Enterprise Service; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2013-07-30 2947856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-04 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SboxSvc;SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [2013-07-30 124616]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2013-02-01 2215272]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Misel1
Visitor
Posts: 100
Registered: 08 Jul 2005 07:19

Re: Slow notebook

#3 Post by Misel1 »

# AdwCleaner v5.117 - Log soubor vytvořen 19/05/2016 o 18:29:26
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Jméno uživatele : B-CENTRUM - B-CENTRUM-PC
# Spuštěno z : C:\Users\B-CENTRUM\Desktop\adwcleaner_5.117.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****

[-] Soubor smazáno : C:\Users\B-CENTRUM\AppData\Roaming\Mozilla\Firefox\Profiles\93c7nndk.default\searchplugins\bingp.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [927 bytes] - [19/05/2016 18:29:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [966 bytes] - [19/05/2016 18:24:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1071 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#4 Post by Rudy »

Post a new RSIT log.

Misel1
Visitor
Posts: 100
Registered: 08 Jul 2005 07:19

Re: Slow notebook

#5 Post by Misel1 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by B-CENTRUM at 2016-05-19 19:49:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 608 GB (87%) free of 701 GB
Total RAM: 8066 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:49:15, on 19.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\trend micro\B-CENTRUM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1201689258-1509952851-1086272638-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1201689258-1509952851-1086272638-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - S-1-5-21-1201689258-1509952851-1086272638-1000 User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'UpdatusUser')
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Invincea Enterprise Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\o2flash.exe (file missing)
O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) - Dell, Inc. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
O23 - Service: postgresql-9.2 - PostgreSQL Server 9.2 (postgresql-9.2) - PostgreSQL Global Development Group - C:/PostgreSQL/9.2/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SboxSvc - Unknown owner - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13826 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 25311952
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
\??\C:\Windows\system32\conhost.exe "-47233290518781464582067043141-1917360323-174574832119889444701316767925-1249721906
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\system32\o2flash.exe
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe"
C:/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-9.2" -D "C:/Program Files (x86)/PostgreSQL/9.2/data" -w
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:/PostgreSQL/9.2/bin/postgres.exe -D "C:/Program Files (x86)/PostgreSQL/9.2/data"
\??\C:\Windows\system32\conhost.exe "-1974006988200389100871023886-11247529201639124335-986372543105185609-1809923597
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forklog" "1084" "1080"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "156" "-x4"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "1236" "-x3"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "156" "-x5"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkavlauncher" "1236"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkcol" "156"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C1].txt
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Glary Utilities 5\Integrator.exe" /autostart
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-4937493231803341918-16241741294869946721409749618-929570936325736057-1801386375
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\system32\sppsvc.exe

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\B-CENTRUM\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\B-CENTRUM\AppData\Roaming\Mozilla\Firefox\Profiles\93c7nndk.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29 2134648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-04-12 2348848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-04-12 1741104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-09 170264]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]
"DFEPApplication"=C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [2012-08-15 7077432]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-07-08 5595848]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-12-04 2747680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"=C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2016-05-16 43984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-02-22 292088]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-07 56128]
"kbdsprt"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-01 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2012-08-17 2307944]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-19 18:24:37 ----D---- C:\AdwCleaner
2016-05-19 15:13:05 ----D---- C:\Windows\SYSWOW64\NV
2016-05-19 15:13:05 ----D---- C:\Windows\system32\NV
2016-05-19 15:11:34 ----A---- C:\Windows\system32\nvWmiShim.dll
2016-05-19 15:11:34 ----A---- C:\Windows\system32\nvwmi64.exe
2016-05-19 10:37:23 ----A---- C:\Windows\system32\RegBootDefrag.exe
2016-05-19 10:30:09 ----SHD---- C:\Config.Msi
2016-05-19 09:42:17 ----D---- C:\Program Files\Microsoft Silverlight
2016-05-19 09:42:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-05-19 08:57:55 ----D---- C:\Program Files\trend micro
2016-05-19 08:57:54 ----D---- C:\rsit
2016-05-19 08:47:11 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-19 08:46:47 ----D---- C:\Windows\PCHEALTH
2016-05-19 08:46:47 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-05-19 08:45:51 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2016-05-19 08:44:54 ----D---- C:\Program Files\Microsoft Office
2016-05-19 08:43:10 ----RHD---- C:\MSOCache
2016-05-18 17:52:15 ----N---- C:\bootsqm.dat
2016-05-18 17:27:28 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\GlarySoft
2016-05-18 17:27:28 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\DiskDefrag
2016-05-18 17:27:28 ----A---- C:\Windows\system32\drivers\GUBootStartup.sys
2016-05-18 17:27:20 ----D---- C:\Program Files (x86)\Glary Utilities 5
2016-05-13 17:29:36 ----A---- C:\Windows\system32\win32k.sys
2016-05-13 17:29:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-05-13 17:29:35 ----A---- C:\Windows\system32\tzres.dll
2016-05-13 17:29:34 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-13 17:29:34 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-13 17:29:34 ----A---- C:\Windows\system32\cdd.dll
2016-05-13 17:29:33 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-13 17:29:33 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-13 17:29:33 ----A---- C:\Windows\system32\gdi32.dll
2016-05-13 17:29:33 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-13 17:29:31 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-13 17:29:29 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-05-13 17:29:29 ----A---- C:\Windows\system32\InkEd.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-05-13 17:29:25 ----A---- C:\Windows\system32\iernonce.dll
2016-05-13 17:29:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\inseng.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\urlmon.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\occache.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-13 17:29:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\iesetup.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\dxtrans.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-05-13 17:29:21 ----A---- C:\Windows\system32\vbscript.dll
2016-05-13 17:29:21 ----A---- C:\Windows\system32\jsproxy.dll
2016-05-13 17:29:21 ----A---- C:\Windows\system32\iertutil.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\mshtmled.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\ieui.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\ieframe.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\wininet.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\webcheck.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript9.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\ieUnatt.exe
2016-05-13 17:29:18 ----A---- C:\Windows\system32\msrating.dll
2016-05-13 17:29:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-05-13 17:29:18 ----A---- C:\Windows\system32\mshtml.dll
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-13 17:28:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\kerberos.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64win.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\winsrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wdigest.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\sspicli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\srcore.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\srclient.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\smss.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\schannel.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\secur32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\rstrui.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ntdll.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\lsass.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\kernel32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\credssp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\conhost.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\certcli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\auditpol.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidapi.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\advapi32.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\msobjs.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\msaudite.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\adtschema.dll
2016-05-13 17:28:53 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-13 17:28:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-04 21:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-05-19 19:49:15 ----D---- C:\Windows\Temp
2016-05-19 19:44:08 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\Skype
2016-05-19 19:43:54 ----D---- C:\Windows\system32\Tasks
2016-05-19 19:41:00 ----D---- C:\Windows\Prefetch
2016-05-19 19:22:47 ----D---- C:\Windows\system32\config
2016-05-19 18:30:12 ----D---- C:\ProgramData\NVIDIA
2016-05-19 16:16:48 ----HD---- C:\Windows\system32\WLANProfiles
2016-05-19 15:14:39 ----D---- C:\Windows
2016-05-19 15:13:05 ----D---- C:\Windows\SysWOW64
2016-05-19 15:13:05 ----D---- C:\Windows\System32
2016-05-19 15:11:34 ----D---- C:\Windows\system32\wbem
2016-05-19 15:11:34 ----D---- C:\Program Files\NVIDIA Corporation
2016-05-19 15:11:25 ----D---- C:\ProgramData\NVIDIA Corporation
2016-05-19 15:11:18 ----D---- C:\Windows\inf
2016-05-19 15:11:09 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-05-19 15:09:23 ----D---- C:\Windows\system32\drivers
2016-05-19 15:09:15 ----D---- C:\Windows\system32\DriverStore
2016-05-19 15:08:17 ----SHD---- C:\System Volume Information
2016-05-19 15:00:33 ----SHD---- C:\Windows\Installer
2016-05-19 15:00:01 ----D---- C:\ProgramData\Microsoft Help
2016-05-19 14:59:37 ----D---- C:\Windows\Microsoft.NET
2016-05-19 14:58:13 ----RSD---- C:\Windows\assembly
2016-05-19 14:56:34 ----A---- C:\Windows\win.ini
2016-05-19 14:25:55 ----D---- C:\ProgramData\PCDr
2016-05-19 13:18:20 ----SD---- C:\ProgramData\Microsoft
2016-05-19 10:31:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-19 10:23:12 ----RD---- C:\Program Files (x86)\Skype
2016-05-19 10:22:58 ----D---- C:\ProgramData\Skype
2016-05-19 09:50:50 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-05-19 09:42:17 ----RD---- C:\Program Files (x86)
2016-05-19 09:42:17 ----RD---- C:\Program Files
2016-05-19 08:47:49 ----RSD---- C:\Windows\Fonts
2016-05-19 08:47:44 ----D---- C:\Windows\ShellNew
2016-05-19 08:47:39 ----D---- C:\Program Files (x86)\Common Files
2016-05-19 08:47:11 ----HD---- C:\ProgramData
2016-05-19 08:46:47 ----D---- C:\Program Files (x86)\Microsoft Office
2016-05-19 08:45:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-05-19 07:42:12 ----D---- C:\Windows\winsxs
2016-05-18 17:35:46 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\TeamViewer
2016-05-18 17:35:28 ----D---- C:\Windows\Minidump
2016-05-18 17:35:28 ----D---- C:\Windows\debug
2016-05-13 23:36:03 ----D---- C:\Windows\system32\appraiser
2016-05-13 17:59:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-13 17:59:14 ----D---- C:\Windows\system32\cs-CZ
2016-05-13 17:59:14 ----D---- C:\Windows\ehome
2016-05-13 17:59:13 ----D---- C:\Program Files\Windows Journal
2016-05-13 17:59:12 ----D---- C:\Program Files\Internet Explorer
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-05-13 17:59:11 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-13 17:59:10 ----D---- C:\Windows\SYSWOW64\en-US
2016-05-13 17:59:10 ----D---- C:\Windows\system32\sk-SK
2016-05-13 17:59:10 ----D---- C:\Windows\system32\pl-PL
2016-05-13 17:59:10 ----D---- C:\Windows\system32\hu-HU
2016-05-13 17:59:10 ----D---- C:\Windows\system32\en-US
2016-05-13 17:59:02 ----D---- C:\Windows\AppPatch
2016-05-13 17:59:01 ----D---- C:\Windows\system32\Boot
2016-05-13 17:52:21 ----D---- C:\Windows\system32\MRT
2016-05-13 17:45:08 ----A---- C:\Windows\system32\MRT.exe
2016-05-13 17:26:26 ----D---- C:\Windows\system32\catroot2
2016-05-13 14:15:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-13 14:15:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-05-13 10:17:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-07 03:02:18 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-07 03:02:18 ----SD---- C:\Windows\system32\GWX
2016-04-30 20:36:12 ----D---- C:\ProgramData\SupportAssistAgent
2016-04-21 15:05:02 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2012-05-30 569152]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-12-04 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2016-05-18 20160]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-12-04 300320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-07-14 168208]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2013-02-21 489264]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-09-11 176096]
R3 dcdbas;System Management Driver; C:\Windows\system32\DRIVERS\dcdbas64.sys [2012-09-23 39016]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-09-11 32464]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-06-16 515440]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-01 14659808]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-11-13 99288]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [2012-04-27 85336]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 68208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2014-07-06 135720]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-07-06 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2014-07-06 615464]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-07-06 184360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-07-06 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2014-07-06 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2014-07-06 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InvProtectDrv;InvProtectDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [2013-07-30 34824]
S3 netvsc;netvsc; C:\Windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]
S3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7x64.sys [2011-01-04 74984]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SboxDrv;SboxDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [2013-07-30 202248]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SynthVid;SynthVid; C:\Windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-22 945440]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-04-29 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-04-29 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-03-11 2572024]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-03-11 202488]
R2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-04-10 202248]
R2 DFEPService;Dell Feature Enhancement Pack Service; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-08-15 2280504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-07-08 1353720]
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2013-03-11 231792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-06-06 190824]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-13 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-13 390616]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-04 1364256]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-12-04 1290016]
R2 O2FLASH;O2FLASH; C:\Windows\system32\o2flash.exe [2011-11-16 244328]
R2 PbaDrvSvc_x64;Dell PBA x64 Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2013-01-21 21504]
R2 postgresql-9.2;postgresql-9.2 - PostgreSQL Server 9.2; C:/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 414496]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2016-04-22 31928]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2013-02-26 1773056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S2 tcsd_win32.exe;SI TSS v1.2.1.41 TCS; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [2012-05-11 1643520]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-09 276248]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-04-23 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 InvProtectSvc;Invincea Enterprise Service; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2013-07-30 2947856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-04 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SboxSvc;SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [2013-07-30 124616]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2013-02-01 2215272]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\Skype\Toolbars

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64

:services
c2cautoupdatesvc
c2cpnrsvc

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Misel1
Visitor
Posts: 100
Joined: 08 Jul 2005 07:19

Re: Slow notebook

#7 Post by Misel1 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by B-CENTRUM at 2016-05-19 20:42:05
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 608 GB (87%) free of 701 GB
Total RAM: 8066 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:42:09, on 19.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\B-CENTRUM.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Smart Settings.lnk = C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Feature Enhancement Pack Service (DFEPService) - Dell Inc. - C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Invincea Enterprise Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: O2FLASH - Unknown owner - C:\Windows\system32\o2flash.exe (file missing)
O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) - Dell, Inc. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
O23 - Service: postgresql-9.2 - PostgreSQL Server 9.2 (postgresql-9.2) - PostgreSQL Global Development Group - C:/PostgreSQL/9.2/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SboxSvc - Unknown owner - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13259 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Common Files\SPBA\upeksvr.exe"
C:\Windows\system32\WLANExt.exe 29591792
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
\??\C:\Windows\system32\conhost.exe "2029149819-204894051114656188851791604807-2567282971599227494-1397820006-406743179
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
taskeng.exe {F123E17D-47EE-4C66-8DE4-73517197BDA5}
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\system32\o2flash.exe
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe"
C:/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N "postgresql-9.2" -D "C:/Program Files (x86)/PostgreSQL/9.2/data" -w
C:/PostgreSQL/9.2/bin/postgres.exe -D "C:/Program Files (x86)/PostgreSQL/9.2/data"
\??\C:\Windows\system32\conhost.exe "1493415079-1450427491277048712-52003156-1576927065-1353172914-61754588126051067
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forklog" "1084" "1080"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {3E622AC4-1D01-4A91-8D83-C94889E20197}
"C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe"

"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "156" "-x4"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "1264" "-x3"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkboot" "156" "-x5"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkavlauncher" "1264"
"C:/PostgreSQL/9.2/bin/postgres.exe" "--forkcol" "156"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Glary Utilities 5\x64\Win64ShellLink.exe" ShellLinkX64 3480
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
taskeng.exe {AC5263AE-FF14-4BD2-9AD1-908CC3BFF3D3}
"C:\Program Files (x86)\Glary Utilities 5\Integrator.exe" /autostart
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\05192016_203926.log
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\B-CENTRUM\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\B-CENTRUM\AppData\Roaming\Mozilla\Firefox\Profiles\93c7nndk.default

prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nppdf32.JPN

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-04-12 2348848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-04-12 1741104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-09 170264]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-02-05 1702912]
"DFEPApplication"=C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [2012-08-15 7077432]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-07-08 5595848]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-12-04 2747680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GUDelayStartup"=C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [2016-05-16 43984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-02-22 292088]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-06-07 56128]
"kbdsprt"= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-02-01 430080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\spba]
C:\Program Files\Common Files\SPBA\homefus2.dll [2012-08-17 2307944]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-05-19 20:39:26 ----D---- C:\_OTM
2016-05-19 18:24:37 ----D---- C:\AdwCleaner
2016-05-19 15:13:05 ----D---- C:\Windows\SYSWOW64\NV
2016-05-19 15:13:05 ----D---- C:\Windows\system32\NV
2016-05-19 15:11:34 ----A---- C:\Windows\system32\nvWmiShim.dll
2016-05-19 15:11:34 ----A---- C:\Windows\system32\nvwmi64.exe
2016-05-19 10:37:23 ----A---- C:\Windows\system32\RegBootDefrag.exe
2016-05-19 10:30:09 ----SHD---- C:\Config.Msi
2016-05-19 09:42:17 ----D---- C:\Program Files\Microsoft Silverlight
2016-05-19 09:42:17 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-05-19 08:57:55 ----D---- C:\Program Files\trend micro
2016-05-19 08:57:54 ----D---- C:\rsit
2016-05-19 08:47:11 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-19 08:46:47 ----D---- C:\Windows\PCHEALTH
2016-05-19 08:46:47 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2016-05-19 08:45:51 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2016-05-19 08:44:54 ----D---- C:\Program Files\Microsoft Office
2016-05-19 08:43:10 ----RHD---- C:\MSOCache
2016-05-18 17:27:28 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\GlarySoft
2016-05-18 17:27:28 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\DiskDefrag
2016-05-18 17:27:28 ----A---- C:\Windows\system32\drivers\GUBootStartup.sys
2016-05-18 17:27:20 ----D---- C:\Program Files (x86)\Glary Utilities 5
2016-05-13 17:29:36 ----A---- C:\Windows\system32\win32k.sys
2016-05-13 17:29:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-05-13 17:29:35 ----A---- C:\Windows\system32\tzres.dll
2016-05-13 17:29:34 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2016-05-13 17:29:34 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2016-05-13 17:29:34 ----A---- C:\Windows\system32\cdd.dll
2016-05-13 17:29:33 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-05-13 17:29:33 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2016-05-13 17:29:33 ----A---- C:\Windows\system32\gdi32.dll
2016-05-13 17:29:33 ----A---- C:\Windows\system32\d3d10level9.dll
2016-05-13 17:29:31 ----A---- C:\Windows\system32\jnwmon.dll
2016-05-13 17:29:29 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2016-05-13 17:29:29 ----A---- C:\Windows\system32\InkEd.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-05-13 17:29:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-05-13 17:29:25 ----A---- C:\Windows\system32\iernonce.dll
2016-05-13 17:29:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-05-13 17:29:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\inseng.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-05-13 17:29:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-05-13 17:29:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\urlmon.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\occache.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-05-13 17:29:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-05-13 17:29:22 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-13 17:29:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\iesetup.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-05-13 17:29:22 ----A---- C:\Windows\system32\dxtrans.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-05-13 17:29:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-05-13 17:29:21 ----A---- C:\Windows\system32\vbscript.dll
2016-05-13 17:29:21 ----A---- C:\Windows\system32\jsproxy.dll
2016-05-13 17:29:21 ----A---- C:\Windows\system32\iertutil.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\mshtmled.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\ieui.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\ieframe.dll
2016-05-13 17:29:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\wininet.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\webcheck.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript9.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\jscript.dll
2016-05-13 17:29:19 ----A---- C:\Windows\system32\ieUnatt.exe
2016-05-13 17:29:18 ----A---- C:\Windows\system32\msrating.dll
2016-05-13 17:29:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-05-13 17:29:18 ----A---- C:\Windows\system32\mshtml.dll
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-05-13 17:28:58 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-05-13 17:28:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-05-13 17:28:58 ----A---- C:\Windows\system32\kerberos.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-13 17:28:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-05-13 17:28:57 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64win.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64cpu.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wow64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\winsrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\wdigest.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\sspisrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\sspicli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\srcore.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\srclient.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\smss.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\schannel.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\secur32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\rstrui.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\rpchttp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ntvdm64.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ntdll.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\lsass.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\KernelBase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\kernel32.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\drivers\appid.sys
2016-05-13 17:28:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\credssp.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\conhost.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\certcli.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\auditpol.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidsvc.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-05-13 17:28:57 ----A---- C:\Windows\system32\appidapi.dll
2016-05-13 17:28:57 ----A---- C:\Windows\system32\advapi32.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-13 17:28:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\user.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\msobjs.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\msaudite.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\apisetschema.dll
2016-05-13 17:28:56 ----A---- C:\Windows\system32\adtschema.dll
2016-05-13 17:28:53 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2016-05-13 17:28:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-05-04 21:30:35 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-05-19 20:42:09 ----D---- C:\Windows\Prefetch
2016-05-19 20:41:57 ----D---- C:\Windows\Temp
2016-05-19 20:41:13 ----D---- C:\Windows\system32\Tasks
2016-05-19 20:41:10 ----D---- C:\Windows\system32\config
2016-05-19 20:40:41 ----D---- C:\ProgramData\NVIDIA
2016-05-19 20:39:26 ----RD---- C:\Program Files (x86)\Skype
2016-05-19 20:34:19 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\Skype
2016-05-19 20:15:52 ----D---- C:\Windows\rescache
2016-05-19 16:16:48 ----HD---- C:\Windows\system32\WLANProfiles
2016-05-19 15:14:39 ----D---- C:\Windows
2016-05-19 15:13:05 ----D---- C:\Windows\SysWOW64
2016-05-19 15:13:05 ----D---- C:\Windows\System32
2016-05-19 15:11:34 ----D---- C:\Windows\system32\wbem
2016-05-19 15:11:34 ----D---- C:\Program Files\NVIDIA Corporation
2016-05-19 15:11:25 ----D---- C:\ProgramData\NVIDIA Corporation
2016-05-19 15:11:18 ----D---- C:\Windows\inf
2016-05-19 15:11:09 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-05-19 15:09:23 ----D---- C:\Windows\system32\drivers
2016-05-19 15:09:15 ----D---- C:\Windows\system32\DriverStore
2016-05-19 15:08:17 ----SHD---- C:\System Volume Information
2016-05-19 15:00:33 ----SHD---- C:\Windows\Installer
2016-05-19 15:00:01 ----D---- C:\ProgramData\Microsoft Help
2016-05-19 14:59:37 ----D---- C:\Windows\Microsoft.NET
2016-05-19 14:58:13 ----RSD---- C:\Windows\assembly
2016-05-19 14:56:34 ----A---- C:\Windows\win.ini
2016-05-19 14:25:55 ----D---- C:\ProgramData\PCDr
2016-05-19 13:18:20 ----SD---- C:\ProgramData\Microsoft
2016-05-19 10:31:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-19 10:22:58 ----D---- C:\ProgramData\Skype
2016-05-19 09:50:50 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-05-19 09:42:17 ----RD---- C:\Program Files (x86)
2016-05-19 09:42:17 ----RD---- C:\Program Files
2016-05-19 08:47:49 ----RSD---- C:\Windows\Fonts
2016-05-19 08:47:44 ----D---- C:\Windows\ShellNew
2016-05-19 08:47:39 ----D---- C:\Program Files (x86)\Common Files
2016-05-19 08:47:11 ----HD---- C:\ProgramData
2016-05-19 08:46:47 ----D---- C:\Program Files (x86)\Microsoft Office
2016-05-19 08:45:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-05-19 07:42:12 ----D---- C:\Windows\winsxs
2016-05-18 17:35:46 ----D---- C:\Users\B-CENTRUM\AppData\Roaming\TeamViewer
2016-05-18 17:35:28 ----D---- C:\Windows\Minidump
2016-05-18 17:35:28 ----D---- C:\Windows\debug
2016-05-13 23:36:03 ----D---- C:\Windows\system32\appraiser
2016-05-13 17:59:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-05-13 17:59:14 ----D---- C:\Windows\system32\cs-CZ
2016-05-13 17:59:14 ----D---- C:\Windows\ehome
2016-05-13 17:59:13 ----D---- C:\Program Files\Windows Journal
2016-05-13 17:59:12 ----D---- C:\Program Files\Internet Explorer
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-05-13 17:59:11 ----D---- C:\Windows\SYSWOW64\hu-HU
2016-05-13 17:59:11 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-13 17:59:10 ----D---- C:\Windows\SYSWOW64\en-US
2016-05-13 17:59:10 ----D---- C:\Windows\system32\sk-SK
2016-05-13 17:59:10 ----D---- C:\Windows\system32\pl-PL
2016-05-13 17:59:10 ----D---- C:\Windows\system32\hu-HU
2016-05-13 17:59:10 ----D---- C:\Windows\system32\en-US
2016-05-13 17:59:02 ----D---- C:\Windows\AppPatch
2016-05-13 17:59:01 ----D---- C:\Windows\system32\Boot
2016-05-13 17:52:21 ----D---- C:\Windows\system32\MRT
2016-05-13 17:45:08 ----A---- C:\Windows\system32\MRT.exe
2016-05-13 17:26:26 ----D---- C:\Windows\system32\catroot2
2016-05-13 14:15:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-05-13 14:15:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-05-13 10:17:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-07 03:02:18 ----SD---- C:\Windows\SYSWOW64\GWX
2016-05-07 03:02:18 ----SD---- C:\Windows\system32\GWX
2016-04-30 20:36:12 ----D---- C:\ProgramData\SupportAssistAgent
2016-04-21 15:05:02 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2012-05-30 569152]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-02-22 20464]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-12-04 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-07-14 255240]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-07-14 178520]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2016-05-18 20160]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2013-12-04 300320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-07-14 168208]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2013-02-21 489264]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-09-11 176096]
R3 dcdbas;System Management Driver; C:\Windows\system32\DRIVERS\dcdbas64.sys [2012-09-23 39016]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2015-09-11 32464]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2015-05-22 24240]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-06-16 515440]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-02-01 14659808]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-02-22 358896]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-02-22 792560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-11-13 99288]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-09-30 11523072]
R3 O2SDJRDR;O2SDJRDR; C:\Windows\system32\DRIVERS\o2sdjw7x64.sys [2012-04-27 85336]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service; C:\Windows\system32\DRIVERS\ST_ACCEL.sys [2012-05-21 68208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-02-05 544768]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2014-07-06 135720]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-07-06 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2014-07-06 615464]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2014-07-06 184360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-07-06 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2014-07-06 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2014-07-06 21544]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 InvProtectDrv;InvProtectDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [2013-07-30 34824]
S3 netvsc;netvsc; C:\Windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448]
S3 O2MDFRDR;O2MDFRDR; C:\Windows\system32\drivers\O2MDFw7x64.sys [2011-01-03 72808]
S3 O2MDRRDR;O2MDRRDR; C:\Windows\system32\drivers\O2MDRw7x64.sys [2011-01-04 74984]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 SboxDrv;SboxDrv; \??\C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [2013-07-30 202248]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 SynthVid;SynthVid; C:\Windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528]
S3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-22 945440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DFEPService;Dell Feature Enhancement Pack Service; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-08-15 2280504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-07-08 1353720]
R2 EmbassyService;EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2013-03-11 231792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-08-23 629040]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-06-06 190824]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 920864]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2013-12-04 1290016]
R2 O2FLASH;O2FLASH; C:\Windows\system32\o2flash.exe [2011-11-16 244328]
R2 PbaDrvSvc_x64;Dell PBA x64 Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2013-01-21 21504]
R2 postgresql-9.2;postgresql-9.2 - PostgreSQL Server 9.2; C:/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-08-23 149296]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-02-05 332800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 414496]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2015-04-09 5261584]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2013-02-26 1773056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-03-11 2572024]
S2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-03-11 202488]
S2 DellDigitalDelivery;Dell Digital Delivery Service; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-04-10 202248]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-05-30 13632]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-13 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-13 390616]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-12-04 1364256]
S2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2016-04-22 31928]
S2 tcsd_win32.exe;SI TSS v1.2.1.41 TCS; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [2012-05-11 1643520]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-02-09 276248]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-04-23 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 InvProtectSvc;Invincea Enterprise Service; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2013-07-30 2947856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-04 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-08-23 272688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SboxSvc;SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [2013-07-30 124616]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe [2013-02-01 2215272]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#8 Post by Rudy »

Double-click the file C:\Program Files\trend micro\B-CENTRUM.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Misel1
Visitor
Posts: 100
Registered: 08 Jul 2005 07:19

Re: Slow notebook

#9 Post by Misel1 »

All done.
Is that everything? If so, thanks a lot for the help and have a nice day.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook

#10 Post by Rudy »

If the notebook has got faster, that is all.