Kód: Vybrat vše
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petrnson at 2016-09-14 21:06:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (30%) free of 57 GB
Total RAM: 4007 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:59, on 14.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18427)
Boot mode: Normal
Running processes:
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\osd.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\HScrollFun.exe
C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\SetSpeed.exe
C:\Data Load\Programy\WizMouse\WizMouse\WizMouse.exe
C:\Data Load\Programy\AutoHotkey\AutoHotkey.exe
C:\Data Load\Programy\Utility\Prostřední tlačítko.exe
C:\Data Load\Programy\AutoHotkey\AutoHotkey.exe
C:\Data Load\Programy\Avast\avastui.exe
C:\Data Load\Programy\Total Commander\totalcmd\TOTALCMD.EXE
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Data Load\Programy\Malwarebytes\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\Petrnson.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 146.102.14.10 isis
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Data Load\Programy\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PWMTRV] rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [aHScrollutility] C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\HScrollFun.exe
O4 - HKLM\..\Run: [aOSD] C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\osd.exe
O4 - HKLM\..\Run: [aSetSpeed] C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\SetSpeed.exe
O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Data Load\Programy\Taskbar Tweaker\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
O4 - HKCU\..\Run: [WizMouse] "C:\Data Load\Programy\WizMouse\WizMouse\WizMouse.exe"
O4 - HKCU\..\Run: [GoodSync] "C:\Data Load\Programy\GoodSync\GoodSync.exe" /min
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE /FU "C:\Windows\TEMP\E_S82DC.tmp" /EF "HKCU"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Petrnson\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petrnson\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [7 Taskbar Tweaker] "C:\Data Load\Programy\Taskbar Tweaker\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd (User '?')
O4 - HKUS\S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [Uninstall C:\Users\Petrnson\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petrnson\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" (User '?')
O4 - S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: AutoHotkey.lnk = ? (User '?')
O4 - S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Firefox.lnk = C:\Data Load\Programy\Mozilla Firefox\firefox.exe (User '?')
O4 - S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Prostřední tlačítko.lnk = ? (User '?')
O4 - S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: Taskbar.lnk = C:\Data Load\Programy\Utility\Taskbar.ahk (User '?')
O4 - S-1-5-21-947340090-775106512-4189478723-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 Startup: TOTALCMD.lnk = C:\Data Load\Programy\Total Commander\totalcmd\TOTALCMD.EXE (User '?')
O4 - Startup: AutoHotkey.lnk = ?
O4 - Startup: Firefox.lnk = C:\Data Load\Programy\Mozilla Firefox\firefox.exe
O4 - Startup: Prostřední tlačítko.lnk = ?
O4 - Startup: Taskbar.lnk = C:\Data Load\Programy\Utility\Taskbar.ahk
O4 - Startup: TOTALCMD.lnk = C:\Data Load\Programy\Total Commander\totalcmd\TOTALCMD.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Data Load\Programy\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GoodSync Server (GsServer) - Unknown owner - C:/Data Load/Programy/GoodSync/gs-server.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: logonsetService (logonsetsvc) - LENOVO - C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\set\logonsetsvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Power Manager Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ApplicationThinkPadService (ThinkPadKBSvc) - LENOVO - C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\maincpl\ThinkPadKBSvc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - C:\Data Load\Programy\WampServer\wamp\bin\apache\apache2.4.9\bin\httpd.exe
O23 - Service: wampmysqld64 - Unknown owner - C:\Data Load\Programy\WampServer\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 14632 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-30bdecca-aad8-49db-a370-381e80a491f8 -SystemEventPortName:HostProcess-c0e767d8-e600-4a3b-86b7-105bbde5b33b -IoCancelEventPortName:HostProcess-2635a2bf-c3a5-4107-9461-0dd7dda9f134 -NonStateChangingEventPortName:HostProcess-7ba6e889-459e-45b7-8e5f-b75b4423e337 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:aca7fa5b-aab8-4bd9-892f-bcf8ddccdf2f
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
"C:\Data Load\Programy\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 22815456
\??\C:\Windows\system32\conhost.exe "-743330485-8729080091866679189-1371068669-10016956341236291340-7035977304724518
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {DDD5C20A-E0B7-4C51-8D41-58DCE4520CFF}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\system32\CxAudMsg64.exe
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:/Data Load/Programy/GoodSync/gs-server.exe" /service
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\set\logonsetsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\maincpl\ThinkPadKBSvc.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\set\logonset.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\maincpl\MainCpl.exe"
"C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\osd.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\HScrollFun.exe"
"C:\Program Files (x86)\Lenovo\ThinkPad Compact Keyboard with TrackPoint driver\SetSpeed.exe"
"C:\Data Load\Programy\Taskbar Tweaker\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd
"C:\Data Load\Programy\WizMouse\WizMouse\WizMouse.exe"
"C:\Data Load\Programy\GoodSync\GoodSync.exe" /min
"C:\Windows\System32\spool\drivers\x64\3\E_IATIBEE.EXE" /FU "C:\Windows\TEMP\E_S82DC.tmp" /EF "HKCU"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Data Load\Programy\AutoHotkey\AutoHotkey.exe" "C:\Users\Petrnson\Desktop\Mimo Školu\Autohotkey\AutoHotkey.ahk"
"C:\Data Load\Programy\Mozilla Firefox\firefox.exe"
"C:\Data Load\Programy\Utility\Prostřední tlačítko.exe"
"C:\Data Load\Programy\AutoHotkey\AutoHotkey.exe" "C:\Data Load\Programy\Utility\Taskbar.ahk"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Data Load\Programy\Avast\avastui.exe" /nogui
"C:\Data Load\Programy\Total Commander\totalcmd\TOTALCMD.EXE"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
"C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\System32\perfmon.exe" /res
"C:\Data Load\Programy\Malwarebytes\Malwarebytes Anti-Malware\mbam.exe"
"taskhost.exe"
"c:\Data Load\Programy\Sublime Text\Sublime Text 3\sublime_text.exe"
"/c/Data Load/Programy/Sublime Text/Sublime Text 3/plugin_host.exe" "6952"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Petrnson\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Petrnson\AppData\Roaming\Mozilla\Firefox\Profiles\45bdc6v1.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "keyword.URL" - "http://www.google.com/search?q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Data Load\Programy\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Data Load\Programy\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Data Load\Programy\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Data Load\Programy\Foxit Reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
C:\Users\Petrnson\AppData\Roaming\Mozilla\Firefox\Profiles\45bdc6v1.default\extensions\
cs@dictionaries.addons.mozilla.org
en-gb@flyingtophat.co.uk
staged
{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}
{a95d8332-e4b4-6e7f-98ac-20b733364387}
C:\Users\Petrnson\AppData\Roaming\Mozilla\Firefox\Profiles\45bdc6v1.default\searchplugins\
Google.xml
peklada-google.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-17 213192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-08-17 607520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-17 2099496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-17 154824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-08-17 332576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-17 1522992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-09 416024]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2015-09-24 555688]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2011-04-26 310912]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2013-05-29 60920]
"aRunMaincpl"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\maincpl\MainCpl.exe [2013-03-18 56320]
"aOSD"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\osd.exe [2013-05-29 121168]
"aHScrollutility"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\HScrollFun.exe [2016-03-11 73344]
"aSetSpeed"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\SetSpeed.exe [2013-04-08 63824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"7 Taskbar Tweaker"=C:\Data Load\Programy\Taskbar Tweaker\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [2015-12-04 380416]
"WizMouse"=C:\Data Load\Programy\WizMouse\WizMouse\WizMouse.exe [2013-09-22 119000]
"GoodSync"=C:\Data Load\Programy\GoodSync\GoodSync.exe [2015-04-30 12445704]
"EPSON Stylus DX4000 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIBEE.EXE [2007-10-09 213504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Petrnson\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"=C:\Windows\system32\cmd.exe [2010-11-21 345088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lync]
C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [2016-08-17 22779072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher]
C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2013-03-05 86312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petrnson^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Poslat do aplikace OneNote.lnk]
C:\PROGRA~2\MICROS~1\root\Office16\ONENOTEM.EXE [2016-08-17 169152]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-09 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-30 55808]
"AvastUI.exe"=C:\Data Load\Programy\Avast\AvastUI.exe [2016-09-12 9107616]
"PWMTRV"=rundll32 C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"aHScrollutility"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\HScrollFun.exe [2016-03-11 73344]
"aOSD"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\osd.exe [2013-05-29 121168]
"aSetSpeed"=C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\SetSpeed.exe [2013-04-08 63824]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Users\Petrnson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutoHotkey.lnk - C:\Users\Petrnson\Desktop\Mimo Školu\Autohotkey\AutoHotkey.ahk
Firefox.lnk - C:\Data Load\Programy\Mozilla Firefox\firefox.exe
Prostřední tlačítko.lnk - C:\Data Load\Programy\Utility\Prostřední tlačítko.exe
Taskbar.lnk - C:\Data Load\Programy\Utility\Taskbar.ahk
TOTALCMD.lnk - C:\Data Load\Programy\Total Commander\totalcmd\TOTALCMD.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-08-09 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 136488]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-14 21:03:10 ----D---- C:\rsit
2016-09-14 21:03:10 ----D---- C:\Program Files\trend micro
2016-09-14 20:10:36 ----D---- C:\0f59076ae8f17d23a6bbb9dbce5e61cf
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A58.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A57.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A46.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A45.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A35.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A34.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A33.tmp
2016-09-14 15:16:20 ----A---- C:\Windows\system32\drivers\asw7A13.tmp
2016-09-14 15:16:18 ----A---- C:\Windows\system32\aswBoot.exe
2016-09-09 19:45:42 ----A---- C:\Windows\avastSS.scr
2016-08-16 19:02:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-16 19:02:20 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2016-09-14 21:03:10 ----RD---- C:\Program Files
2016-09-14 21:02:24 ----D---- C:\Windows\Temp
2016-09-14 21:01:14 ----D---- C:\Windows\system32\catroot2
2016-09-14 21:01:13 ----D---- C:\Windows\winsxs
2016-09-14 20:57:32 ----D---- C:\Windows\system32\config
2016-09-14 20:18:39 ----D---- C:\Windows
2016-09-14 19:17:25 ----SHD---- C:\System Volume Information
2016-09-14 16:38:57 ----HD---- C:\ProgramData
2016-09-14 15:21:32 ----D---- C:\Windows\inf
2016-09-14 15:20:37 ----D---- C:\Windows\System32
2016-09-14 15:20:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-14 15:18:06 ----A---- C:\Windows\SYSWOW64\log.txt
2016-09-14 15:16:40 ----D---- C:\Windows\system32\drivers
2016-09-14 15:16:25 ----D---- C:\Windows\system32\Tasks
2016-09-14 15:16:08 ----D---- C:\Users\Petrnson\AppData\Roaming\GoodSync
2016-09-14 15:15:56 ----D---- C:\Windows\system32\wbem
2016-09-14 15:15:35 ----D---- C:\Windows\Tasks
2016-09-14 15:15:35 ----D---- C:\Windows\SysWOW64
2016-09-14 15:15:35 ----D---- C:\Windows\system32\wfp
2016-09-14 15:15:35 ----D---- C:\Windows\system32\DriverStore
2016-09-14 15:15:35 ----D---- C:\Windows\system32\CodeIntegrity
2016-09-14 15:15:35 ----D---- C:\Windows\AppCompat
2016-09-14 15:15:35 ----D---- C:\Users\Petrnson\AppData\Roaming\vlc
2016-09-14 15:15:34 ----D---- C:\Windows\registration
2016-09-14 15:15:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-09-13 21:18:01 ----D---- C:\Windows\system32\catroot
2016-09-12 20:16:52 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-09-12 20:16:49 ----D---- C:\Windows\system32\Macromed
2016-09-12 20:16:47 ----D---- C:\Windows\SYSWOW64\Macromed
2016-08-26 12:11:33 ----D---- C:\Users\Petrnson\AppData\Roaming\uTorrent
2016-08-26 10:41:51 ----D---- C:\ProgramData\Lenovo
2016-08-25 12:50:50 ----SHD---- C:\Windows\Installer
2016-08-25 12:50:46 ----RSD---- C:\Windows\assembly
2016-08-25 12:50:45 ----D---- C:\Program Files (x86)\Lenovo
2016-08-21 15:03:42 ----D---- C:\Windows\rescache
2016-08-17 13:00:27 ----D---- C:\Windows\Microsoft.NET
2016-08-17 12:46:20 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-08-17 12:46:03 ----D---- C:\Program Files (x86)\Common Files
2016-08-17 12:45:00 ----D---- C:\Program Files (x86)\Microsoft Office
2016-08-17 09:50:19 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-08-17 09:50:19 ----D---- C:\Windows\system32\cs-CZ
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2012-02-01 31872]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-09-09 74544]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-09-09 292704]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2015-09-22 156320]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2015-09-22 29344]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-09-09 103064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-14 969184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-09-09 513496]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2016-04-14 29008]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-09-09 108816]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-09-09 163416]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 13128]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-04 166016]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 10857984]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-08 328704]
R3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-09-09 37656]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-24 1576064]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2016-01-24 72808]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-09-14 192216]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-10-31 8615936]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-29 412776]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-07-28 461552]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2010-12-14 98816]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-04 598808]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-02 184144]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-03-06 210984]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-18 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 235520]
R2 avast! Antivirus;Avast Antivirus; C:\Data Load\Programy\Avast\AvastSvc.exe [2016-09-09 197128]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 1008344]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-07-31 2944768]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-11-01 1518352]
R2 GsServer;GoodSync Server; C:/Data Load/Programy/GoodSync/gs-server.exe /service []
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2016-01-24 170696]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2013-05-29 44024]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2015-11-26 110248]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-05-29 62456]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 logonsetsvc;logonsetService; C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\set\logonsetsvc.exe [2013-04-23 250024]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-11-01 844560]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 ThinkPadKBSvc;ApplicationThinkPadService; C:\Program Files (x86)\LENOVO\ThinkPad Compact Keyboard with TrackPoint driver\maincpl\ThinkPadKBSvc.exe [2013-03-22 250192]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2016-03-11 133136]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2015-05-29 126408]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R3 Power Manager DBC Service;Power Manager Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2016-04-14 1668776]
R3 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2016-07-07 28544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-08-02 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-07-31 209104]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-04-30 5132888]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2015-09-22 49824]
S3 wampapache64;wampapache64; C:\Data Load\Programy\WampServer\wamp\bin\apache\apache2.4.9\bin\httpd.exe [2014-05-01 24576]
S3 wampmysqld64;wampmysqld64; C:\Data Load\Programy\WampServer\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [2014-05-01 12942848]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-05-24 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Přispějete na provoz fóra?