PC virus removal, computer speed-up, remote assistance through the neslape.cz service

Slooow PC

Have a problem with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00


#1 Post by Huso »

My PC is very slow, and I can also hear that something is constantly "running" on it...

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2017-04-05 17:47:06
Microsoft Windows 8.1 so službou Bing
System drive C: has 390 GB (83%) free of 467 GB
Total RAM: 3984 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:24, on 5.4.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6798.0207\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\HP\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6798.0207] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\HP\AppData\Local\Microsoft\OneDrive\17.3.6798.0207"
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Služba Kaspersky Anti-Virus 16.0.1 (AVP16.0.1) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxbk_device - - C:\windows\system32\lxbkcoms.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12822 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
ClassicStartMenu.exe -startup
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe" -s KROS_20400
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\system32\lxbkcoms.exe -service
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe" -hidden
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007c4
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe"
"C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe"
"C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe" /StartUp
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
taskhost.exe
C:\windows\system32\wbem\WmiApSrv.exe
C:\windows\splwow64.exe 8192
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\System32\Taskmgr.exe" /3
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="6032.0.321445939\1233136549" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6032 "\\.\pipe\gecko-crash-server-pipe.6032" tab
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Users\HP\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe" /DM="1" "/NOMESSAGEBOX"
"C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe" /validationmode /validationdir="C:\ProgramData\Avira\Antivirus\TEMP\UPDATE\VALIDATION" /validationfile="C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe"

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForHP.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll


C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions\
2020Player_IKEA@2020Technologies.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02 972976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02 751336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02 972976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02 751336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-27 13667032]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-02-25 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-02-25 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-02-25 770544]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"lxbkbmgr.exe"=C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [2008-02-28 74408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall 17.3.6798.0207\amd64"=C:\windows\system32\cmd.exe [2014-10-29 357376]
"Uninstall 17.3.6798.0207"=C:\windows\system32\cmd.exe [2014-10-29 357376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-03-21 909744]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2017-03-09 63432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2014-02-25 624640]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-05 17:47:09 ----D---- C:\Program Files\trend micro
2017-04-05 17:47:06 ----D---- C:\rsit
2017-04-05 15:45:01 ----D---- C:\Program Files (x86)\Adobe
2017-03-15 09:14:16 ----A---- C:\windows\SYSWOW64\iepeers.dll
2017-03-15 09:14:16 ----A---- C:\windows\system32\iertutil.dll
2017-03-15 09:14:16 ----A---- C:\windows\system32\iepeers.dll
2017-03-15 09:14:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2017-03-15 09:14:15 ----A---- C:\windows\SYSWOW64\iertutil.dll
2017-03-15 09:14:14 ----A---- C:\windows\SYSWOW64\vbscript.dll
2017-03-15 09:14:14 ----A---- C:\windows\SYSWOW64\urlmon.dll
2017-03-15 09:14:14 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2017-03-15 09:14:13 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2017-03-15 09:14:12 ----A---- C:\windows\SYSWOW64\mshtml.dll
2017-03-15 09:14:12 ----A---- C:\windows\system32\iedkcs32.dll
2017-03-15 09:14:11 ----A---- C:\windows\SYSWOW64\jscript.dll
2017-03-15 09:14:11 ----A---- C:\windows\system32\urlmon.dll
2017-03-15 09:14:10 ----A---- C:\windows\system32\vbscript.dll
2017-03-15 09:14:09 ----A---- C:\windows\SYSWOW64\ieframe.dll
2017-03-15 09:14:09 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2017-03-15 09:14:09 ----A---- C:\windows\system32\msfeeds.dll
2017-03-15 09:14:08 ----A---- C:\windows\SYSWOW64\webcheck.dll
2017-03-15 09:14:08 ----A---- C:\windows\SYSWOW64\jscript9.dll
2017-03-15 09:14:07 ----A---- C:\windows\SYSWOW64\wininet.dll
2017-03-15 09:14:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2017-03-15 09:14:07 ----A---- C:\windows\system32\jscript.dll
2017-03-15 09:14:06 ----A---- C:\windows\system32\ieframe.dll
2017-03-15 09:14:06 ----A---- C:\windows\system32\dxtrans.dll
2017-03-15 09:14:05 ----A---- C:\windows\system32\win32k.sys
2017-03-15 09:14:05 ----A---- C:\windows\system32\webcheck.dll
2017-03-15 09:14:05 ----A---- C:\windows\system32\jscript9.dll
2017-03-15 09:14:04 ----A---- C:\windows\system32\wininet.dll
2017-03-15 09:14:04 ----A---- C:\windows\system32\inetcomm.dll
2017-03-15 09:14:03 ----A---- C:\windows\system32\ntoskrnl.exe
2017-03-15 09:14:02 ----A---- C:\windows\system32\mshtml.dll
2017-03-15 09:13:59 ----A---- C:\windows\system32\winresume.exe
2017-03-15 09:13:58 ----A---- C:\windows\system32\winload.exe
2017-03-15 09:13:58 ----A---- C:\windows\system32\gdi32.dll
2017-03-15 09:13:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2017-03-15 09:13:57 ----A---- C:\windows\SYSWOW64\gdi32.dll
2017-03-15 09:13:57 ----A---- C:\windows\system32\ieapfltr.dll
2017-03-15 09:13:56 ----A---- C:\windows\system32\glcndFilter.dll
2017-03-15 09:13:55 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2017-03-15 09:13:54 ----A---- C:\windows\system32\DWrite.dll
2017-03-15 09:13:53 ----A---- C:\windows\SYSWOW64\DWrite.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\wow64.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\lsasrv.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\FntCache.dll
2017-03-15 09:13:49 ----A---- C:\windows\system32\msxml3.dll
2017-03-15 09:13:49 ----A---- C:\windows\system32\GdiPlus.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2017-03-15 09:13:47 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2017-03-15 09:13:47 ----A---- C:\windows\system32\dnsapi.dll
2017-03-15 09:13:46 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2017-03-15 09:13:45 ----A---- C:\windows\system32\microsoft-windows-system-events.dll
2017-03-15 09:13:43 ----A---- C:\windows\system32\drivers\srv2.sys
2017-03-15 09:13:43 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2017-03-15 09:13:42 ----A---- C:\windows\SYSWOW64\quartz.dll
2017-03-15 09:13:42 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2017-03-15 09:13:42 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2017-03-15 09:13:41 ----A---- C:\windows\SYSWOW64\adtschema.dll
2017-03-15 09:13:41 ----A---- C:\windows\system32\quartz.dll
2017-03-15 09:13:41 ----A---- C:\windows\system32\ieetwcollector.exe
2017-03-15 09:13:41 ----A---- C:\windows\system32\adtschema.dll
2017-03-15 09:13:40 ----A---- C:\windows\system32\wininit.exe
2017-03-15 09:13:40 ----A---- C:\windows\system32\drivers\srv.sys
2017-03-15 09:13:40 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2017-03-15 09:13:40 ----A---- C:\windows\HelpPane.exe
2017-03-15 09:13:39 ----A---- C:\windows\SYSWOW64\mscms.dll
2017-03-15 09:13:39 ----A---- C:\windows\system32\mscms.dll
2017-03-15 09:13:39 ----A---- C:\windows\system32\drivers\cng.sys
2017-03-15 09:13:38 ----A---- C:\windows\SYSWOW64\icm32.dll
2017-03-15 09:13:38 ----A---- C:\windows\system32\icm32.dll
2017-03-15 09:13:37 ----A---- C:\windows\SYSWOW64\certcli.dll
2017-03-15 09:13:37 ----A---- C:\windows\system32\dnsrslvr.dll
2017-03-15 09:13:37 ----A---- C:\windows\system32\certcli.dll
2017-03-15 09:13:36 ----A---- C:\windows\SYSWOW64\msobjs.dll
2017-03-15 09:13:36 ----A---- C:\windows\system32\msobjs.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\pcasvc.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\invagent.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\generaltel.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\devinv.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\CompatTelRunner.exe
2017-03-15 09:07:51 ----A---- C:\windows\system32\centel.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\appraiser.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\aepic.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\aeinv.dll
2017-03-15 09:07:50 ----A---- C:\windows\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2017-04-05 17:47:51 ----D---- C:\windows\Prefetch
2017-04-05 17:47:41 ----D---- C:\windows\Temp
2017-04-05 17:47:09 ----RD---- C:\Program Files
2017-04-05 17:12:48 ----D---- C:\ProgramData\Kaspersky Lab
2017-04-05 17:00:00 ----D---- C:\windows\system32\sru
2017-04-05 16:57:16 ----D---- C:\windows\Inf
2017-04-05 15:46:41 ----SHD---- C:\windows\Installer
2017-04-05 15:46:35 ----D---- C:\windows\system32\Tasks
2017-04-05 15:45:01 ----RD---- C:\Program Files (x86)
2017-04-05 15:42:32 ----D---- C:\ProgramData\Adobe
2017-04-05 15:41:25 ----D---- C:\windows\SysWOW64
2017-04-05 14:29:10 ----D---- C:\Users\HP\AppData\Roaming\ClassicShell
2017-04-05 13:20:18 ----D---- C:\windows\Microsoft.NET
2017-04-05 13:18:26 ----SHD---- C:\System Volume Information
2017-04-04 11:17:09 ----D---- C:\temp
2017-04-03 08:47:17 ----D---- C:\windows\system32\config
2017-03-31 14:24:56 ----RD---- C:\windows\System32
2017-03-31 14:24:56 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-03-30 10:39:10 ----D---- C:\ProgramData\firebird
2017-03-30 10:35:20 ----D---- C:\Program Files\McAfee Security Scan
2017-03-30 10:30:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 10:30:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-03-30 10:03:13 ----D---- C:\windows\Tasks
2017-03-29 08:12:24 ----D---- C:\windows\system32\DriverStore
2017-03-29 08:12:11 ----D---- C:\windows\CbsTemp
2017-03-24 09:58:10 ----RSD---- C:\windows\assembly
2017-03-24 08:58:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 08:56:50 ----D---- C:\Program Files\Microsoft Office 15
2017-03-21 12:58:37 ----D---- C:\windows\system32\drivers
2017-03-20 12:35:06 ----D---- C:\windows\rescache
2017-03-20 10:05:10 ----D---- C:\ProgramData\Package Cache
2017-03-20 10:04:04 ----D---- C:\windows\WinSxS
2017-03-20 09:55:37 ----D---- C:\windows\system32\appraiser
2017-03-20 09:55:36 ----D---- C:\windows\apppatch
2017-03-20 09:55:32 ----D---- C:\Program Files\Internet Explorer
2017-03-20 09:55:32 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-20 09:55:31 ----D---- C:\windows\SYSWOW64\en-US
2017-03-20 09:55:28 ----D---- C:\windows\system32\en-US
2017-03-20 09:55:27 ----D---- C:\Windows
2017-03-15 09:24:09 ----D---- C:\windows\AppReadiness
2017-03-15 09:24:08 ----HD---- C:\Program Files\WindowsApps
2017-03-15 09:20:55 ----D---- C:\windows\system32\MRT
2017-03-15 09:18:03 ----AC---- C:\windows\system32\MRT.exe
2017-03-15 09:02:20 ----D---- C:\windows\system32\catroot2
2017-03-14 12:28:20 ----D---- C:\windows\system32\catroot
2017-03-14 12:01:12 ----D---- C:\windows\system32\Macromed
2017-03-14 12:01:09 ----D---- C:\windows\SYSWOW64\Macromed
2017-03-10 06:34:39 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 kl1;kl1; C:\windows\system32\DRIVERS\kl1.sys [2015-09-11 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2017-03-21 163976]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2017-03-21 44488]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\windows\system32\DRIVERS\klbackupflt.sys [2015-12-01 79752]
R1 klhk;@oem89.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\windows\system32\DRIVERS\klhk.sys [2017-03-14 244448]
R1 KLIF;Kaspersky Lab Driver; C:\windows\system32\DRIVERS\klif.sys [2017-03-14 1000160]
R1 KLIM6;@oem66.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\windows\system32\DRIVERS\klim6.sys [2016-05-05 51288]
R1 klpd;Kaspersky Lab format recognizer driver; C:\windows\system32\DRIVERS\klpd.sys [2015-12-07 45960]
R1 klwfp;klwfp; C:\windows\system32\DRIVERS\klwfp.sys [2016-08-16 87984]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\windows\system32\DRIVERS\klwtp.sys [2017-03-14 116448]
R1 kneps;kneps; C:\windows\system32\DRIVERS\kneps.sys [2015-12-03 194440]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2017-03-21 161824]
R2 avnetflt;avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [2017-03-21 88488]
R2 kldisk;kldisk; C:\windows\system32\DRIVERS\kldisk.sys [2015-12-02 78200]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-02-25 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-03-27 3867992]
R3 iwdbus;@oem54.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\windows\system32\DRIVERS\klflt.sys [2017-03-14 185112]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\windows\system32\DRIVERS\klkbdflt.sys [2015-11-11 52608]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R3 MEIx64;@oem16.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\TeeDriverx64.sys [2014-03-18 99288]
R3 RTL8168;@oem52.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 839896]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 klelam;klelam; C:\windows\system32\DRIVERS\klelam.sys [2015-06-24 30328]
S3 dg_ssudbus;@oem60.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem53.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 ssudmdm;@oem61.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem62.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2017-03-21 487432]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2017-03-21 487432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\windows\system32\svchost.exe [2014-10-29 38792]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2017-03-09 349560]
R2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [2015-12-22 236928]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-01-17 3042032]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-08-12 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-08-12 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-03-18 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-18 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-18 390616]
R2 lxbk_device;lxbk_device; C:\windows\system32\lxbkcoms.exe [2008-02-19 565928]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-03-27 290520]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2017-03-21 1115552]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2017-03-21 1519136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14 271960]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-02-25 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [2015-12-22 152488]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [2017-03-20 404376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-20 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\windows\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slooow PC

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

After your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00

Re: Slooow PC

#3 Post by Huso »

# AdwCleaner v6.045 - Logfile created 06/04/2017 at 08:44:59
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-04-04.2 [Server]
# Operating System : Windows 8.1 Connected (X64)
# Username : HP - HP-PC
# Running from : C:\Users\HP\Desktop\adwcleaner_6.045.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

***** [ Browsers ] *****

JaRon
Moderator
Posts: 15796
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Slooow PC

#4 Post by JaRon »

I'll jump in just this once:
Kaspersky + Avira = ONE OF THEM MUST GO!
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slooow PC

#5 Post by Rudy »

Once you have uninstalled one of the antivirus programs, post a new RSIT log.

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00

Re: Slooow PC

#6 Post by Huso »

Logfile of random's system information tool 1.16 (written by random/random)
Run by HP at 2017-04-10 09:11:18
Microsoft Windows 8.1 so službou Bing
System drive C: has 398 GB (85%) free of 467 GB
Total RAM: 3984 MB (69% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:11:28, on 10.4.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\trend micro\HP_RSITx64(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.1 (AVP16.0.1) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxbk_device - - C:\windows\system32\lxbkcoms.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11424 bytes

====== Enumerating Processes ======

C:\windows\system32\wininit.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe" -s KROS_20400
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\system32\lxbkcoms.exe -service
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe" -hidden
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe"
"C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe"
"C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe" /StartUp
"C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\windows\system32\wbem\WmiApSrv.exe
C:\windows\System32\svchost.exe -k swprv
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 548 552 560 65536 556
"C:\Users\HP\Downloads\RSITx64(1).exe"
C:\windows\system32\wbem\wmiprvse.exe

====== Scheduled tasks folder ======

C:\windows\tasks\HPCeeScheduleForHP.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)
C:\windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\windows\system32\tasks\HPCeeScheduleForHP - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)
C:\windows\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1940277907-3814265933-3346958118-1001 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\windows\system32\tasks\User_Feed_Synchronization-{A52CA3FF-104F-46BA-BC04-E3A96EFDBEB7} - C:\windows\system32\msfeedssync.exe sync
C:\windows\system32\tasks\{838E6F4C-3D17-436B-8B4E-1A7874C62442} - C:\windows\system32\pcalua.exe -a C:\Users\HP\Downloads\OfficeExcel2003XMLToolsAddin.exe -d C:\Users\HP\Downloads
C:\windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1940277907-3814265933-3346958118-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\windows\system32\sc.exe start wuauserv
C:\windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\windows\system32\sc.exe start wuauserv
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\windows\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\windows\system32\MRT.exe /EHB /Q
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll


C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions\
2020Player_IKEA@2020Technologies.com

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\addons.json

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions.json
20-20 3D Viewer - IKEA - extension - 2020Player_IKEA@2020Technologies.com - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions\2020Player_IKEA@2020Technologies.com
Kaspersky Protection - extension - light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\features\{b9bb0f3d-e970-4d78-b439-68bb21e1d265}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\features\{b9bb0f3d-e970-4d78-b439-68bb21e1d265}\e10srollout@mozilla.org.xpi

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.127 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll

=========Google Chrome=========

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Docs 0.0.0.6
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 6.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.5
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension flliilndjeohchalpbbcdekjklbdgfkk
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lpeeaghdjmhlakojjcgfdhgcejdaefmi
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 7
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm
Homepage:
default_search_provider.search_url:
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi]
"Path"=https://chrome.google.com/webstore/deta ... gcejdaefmi


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02 972976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02 751336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02 972976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02 751336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-27 13667032]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-02-25 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-02-25 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-02-25 770544]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"lxbkbmgr.exe"=C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [2008-02-28 74408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-04-10 08:15:00 ----D---- C:\Program Files\CCleaner
2017-04-10 08:13:27 ----D---- C:\Program Files (x86)\Google
2017-04-06 08:32:50 ----D---- C:\AdwCleaner
2017-04-05 17:47:09 ----D---- C:\Program Files\trend micro
2017-04-05 17:47:06 ----D---- C:\rsit
2017-04-05 15:45:01 ----D---- C:\Program Files (x86)\Adobe
2017-03-15 09:14:16 ----A---- C:\windows\SYSWOW64\iepeers.dll
2017-03-15 09:14:16 ----A---- C:\windows\system32\iertutil.dll
2017-03-15 09:14:16 ----A---- C:\windows\system32\iepeers.dll
2017-03-15 09:14:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2017-03-15 09:14:15 ----A---- C:\windows\SYSWOW64\iertutil.dll
2017-03-15 09:14:14 ----A---- C:\windows\SYSWOW64\vbscript.dll
2017-03-15 09:14:14 ----A---- C:\windows\SYSWOW64\urlmon.dll
2017-03-15 09:14:14 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2017-03-15 09:14:13 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2017-03-15 09:14:12 ----A---- C:\windows\SYSWOW64\mshtml.dll
2017-03-15 09:14:12 ----A---- C:\windows\system32\iedkcs32.dll
2017-03-15 09:14:11 ----A---- C:\windows\SYSWOW64\jscript.dll
2017-03-15 09:14:11 ----A---- C:\windows\system32\urlmon.dll
2017-03-15 09:14:10 ----A---- C:\windows\system32\vbscript.dll
2017-03-15 09:14:09 ----A---- C:\windows\SYSWOW64\ieframe.dll
2017-03-15 09:14:09 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2017-03-15 09:14:09 ----A---- C:\windows\system32\msfeeds.dll
2017-03-15 09:14:08 ----A---- C:\windows\SYSWOW64\webcheck.dll
2017-03-15 09:14:08 ----A---- C:\windows\SYSWOW64\jscript9.dll
2017-03-15 09:14:07 ----A---- C:\windows\SYSWOW64\wininet.dll
2017-03-15 09:14:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2017-03-15 09:14:07 ----A---- C:\windows\system32\jscript.dll
2017-03-15 09:14:06 ----A---- C:\windows\system32\ieframe.dll
2017-03-15 09:14:06 ----A---- C:\windows\system32\dxtrans.dll
2017-03-15 09:14:05 ----A---- C:\windows\system32\win32k.sys
2017-03-15 09:14:05 ----A---- C:\windows\system32\webcheck.dll
2017-03-15 09:14:05 ----A---- C:\windows\system32\jscript9.dll
2017-03-15 09:14:04 ----A---- C:\windows\system32\wininet.dll
2017-03-15 09:14:04 ----A---- C:\windows\system32\inetcomm.dll
2017-03-15 09:14:03 ----A---- C:\windows\system32\ntoskrnl.exe
2017-03-15 09:14:02 ----A---- C:\windows\system32\mshtml.dll
2017-03-15 09:13:59 ----A---- C:\windows\system32\winresume.exe
2017-03-15 09:13:58 ----A---- C:\windows\system32\winload.exe
2017-03-15 09:13:58 ----A---- C:\windows\system32\gdi32.dll
2017-03-15 09:13:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2017-03-15 09:13:57 ----A---- C:\windows\SYSWOW64\gdi32.dll
2017-03-15 09:13:57 ----A---- C:\windows\system32\ieapfltr.dll
2017-03-15 09:13:56 ----A---- C:\windows\system32\glcndFilter.dll
2017-03-15 09:13:55 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2017-03-15 09:13:54 ----A---- C:\windows\system32\DWrite.dll
2017-03-15 09:13:53 ----A---- C:\windows\SYSWOW64\DWrite.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\wow64.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\lsasrv.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\FntCache.dll
2017-03-15 09:13:49 ----A---- C:\windows\system32\msxml3.dll
2017-03-15 09:13:49 ----A---- C:\windows\system32\GdiPlus.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2017-03-15 09:13:47 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2017-03-15 09:13:47 ----A---- C:\windows\system32\dnsapi.dll
2017-03-15 09:13:46 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2017-03-15 09:13:45 ----A---- C:\windows\system32\microsoft-windows-system-events.dll
2017-03-15 09:13:43 ----A---- C:\windows\system32\drivers\srv2.sys
2017-03-15 09:13:43 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2017-03-15 09:13:42 ----A---- C:\windows\SYSWOW64\quartz.dll
2017-03-15 09:13:42 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2017-03-15 09:13:42 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2017-03-15 09:13:41 ----A---- C:\windows\SYSWOW64\adtschema.dll
2017-03-15 09:13:41 ----A---- C:\windows\system32\quartz.dll
2017-03-15 09:13:41 ----A---- C:\windows\system32\ieetwcollector.exe
2017-03-15 09:13:41 ----A---- C:\windows\system32\adtschema.dll
2017-03-15 09:13:40 ----A---- C:\windows\system32\wininit.exe
2017-03-15 09:13:40 ----A---- C:\windows\system32\drivers\srv.sys
2017-03-15 09:13:40 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2017-03-15 09:13:40 ----A---- C:\windows\HelpPane.exe
2017-03-15 09:13:39 ----A---- C:\windows\SYSWOW64\mscms.dll
2017-03-15 09:13:39 ----A---- C:\windows\system32\mscms.dll
2017-03-15 09:13:39 ----A---- C:\windows\system32\drivers\cng.sys
2017-03-15 09:13:38 ----A---- C:\windows\SYSWOW64\icm32.dll
2017-03-15 09:13:38 ----A---- C:\windows\system32\icm32.dll
2017-03-15 09:13:37 ----A---- C:\windows\SYSWOW64\certcli.dll
2017-03-15 09:13:37 ----A---- C:\windows\system32\dnsrslvr.dll
2017-03-15 09:13:37 ----A---- C:\windows\system32\certcli.dll
2017-03-15 09:13:36 ----A---- C:\windows\SYSWOW64\msobjs.dll
2017-03-15 09:13:36 ----A---- C:\windows\system32\msobjs.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\pcasvc.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\invagent.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\generaltel.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\devinv.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\CompatTelRunner.exe
2017-03-15 09:07:51 ----A---- C:\windows\system32\centel.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\appraiser.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\aepic.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\aeinv.dll
2017-03-15 09:07:50 ----A---- C:\windows\system32\acmigration.dll

====== List of files/folders modified in the last 1 month ======

2017-04-10 09:11:24 ----D---- C:\windows\Prefetch
2017-04-10 09:11:18 ----D---- C:\windows\Temp
2017-04-10 09:07:37 ----D---- C:\windows\Microsoft.NET
2017-04-10 09:07:15 ----D---- C:\windows\debug
2017-04-10 09:02:03 ----D---- C:\windows\system32\sru
2017-04-10 08:52:33 ----D---- C:\Windows
2017-04-10 08:51:43 ----D---- C:\ProgramData\firebird
2017-04-10 08:51:07 ----RD---- C:\windows\System32
2017-04-10 08:51:07 ----D---- C:\windows\Inf
2017-04-10 08:51:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-04-10 08:49:48 ----SHD---- C:\windows\Installer
2017-04-10 08:49:48 ----D---- C:\ProgramData\Package Cache
2017-04-10 08:49:46 ----RD---- C:\Program Files (x86)
2017-04-10 08:49:46 ----D---- C:\ProgramData\Avira
2017-04-10 08:45:27 ----D---- C:\ProgramData\Kaspersky Lab
2017-04-10 08:44:54 ----SHD---- C:\System Volume Information
2017-04-10 08:43:41 ----D---- C:\Users\HP\AppData\Roaming\ClassicShell
2017-04-10 08:38:13 ----D---- C:\windows\system32\Tasks
2017-04-10 08:36:24 ----D---- C:\Users\HP\AppData\Roaming\Avira
2017-04-10 08:36:20 ----D---- C:\windows\system32\drivers
2017-04-10 08:29:10 ----D---- C:\windows\Panther
2017-04-10 08:29:09 ----D---- C:\windows\Logs
2017-04-10 08:25:11 ----D---- C:\windows\Tasks
2017-04-10 08:15:00 ----RD---- C:\Program Files
2017-04-10 08:13:58 ----D---- C:\windows\SysWOW64
2017-04-06 09:25:18 ----D---- C:\temp
2017-04-05 15:42:32 ----D---- C:\ProgramData\Adobe
2017-04-03 08:47:17 ----D---- C:\windows\system32\config
2017-03-30 10:35:20 ----D---- C:\Program Files\McAfee Security Scan
2017-03-30 10:30:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 10:30:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-03-29 08:12:24 ----D---- C:\windows\system32\DriverStore
2017-03-29 08:12:11 ----D---- C:\windows\CbsTemp
2017-03-24 09:58:10 ----RSD---- C:\windows\assembly
2017-03-24 08:58:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 08:56:50 ----D---- C:\Program Files\Microsoft Office 15
2017-03-20 12:35:06 ----D---- C:\windows\rescache
2017-03-20 10:04:04 ----D---- C:\windows\WinSxS
2017-03-20 09:55:37 ----D---- C:\windows\system32\appraiser
2017-03-20 09:55:36 ----D---- C:\windows\apppatch
2017-03-20 09:55:32 ----D---- C:\Program Files\Internet Explorer
2017-03-20 09:55:32 ----D---- C:\Program Files (x86)\Internet Explorer
2017-03-20 09:55:31 ----D---- C:\windows\SYSWOW64\en-US
2017-03-20 09:55:28 ----D---- C:\windows\system32\en-US
2017-03-15 09:24:09 ----D---- C:\windows\AppReadiness
2017-03-15 09:24:08 ----HD---- C:\Program Files\WindowsApps
2017-03-15 09:20:55 ----D---- C:\windows\system32\MRT
2017-03-15 09:18:03 ----AC---- C:\windows\system32\MRT.exe
2017-03-15 09:02:20 ----D---- C:\windows\system32\catroot2
2017-03-14 12:28:20 ----D---- C:\windows\system32\catroot
2017-03-14 12:01:12 ----D---- C:\windows\system32\Macromed
2017-03-14 12:01:09 ----D---- C:\windows\SYSWOW64\Macromed

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 kl1;kl1; C:\windows\system32\DRIVERS\kl1.sys [2015-09-11 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\windows\system32\DRIVERS\klbackupflt.sys [2015-12-01 79752]
R1 klhk;@oem89.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\windows\system32\DRIVERS\klhk.sys [2017-03-14 244448]
R1 KLIF;Kaspersky Lab Driver; C:\windows\system32\DRIVERS\klif.sys [2017-03-14 1000160]
R1 KLIM6;@oem66.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\windows\system32\DRIVERS\klim6.sys [2016-05-05 51288]
R1 klpd;Kaspersky Lab format recognizer driver; C:\windows\system32\DRIVERS\klpd.sys [2015-12-07 45960]
R1 klwfp;klwfp; C:\windows\system32\DRIVERS\klwfp.sys [2016-08-16 87984]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\windows\system32\DRIVERS\klwtp.sys [2017-03-14 116448]
R1 kneps;kneps; C:\windows\system32\DRIVERS\kneps.sys [2015-12-03 194440]
R2 kldisk;kldisk; C:\windows\system32\DRIVERS\kldisk.sys [2015-12-02 78200]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-02-25 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-03-27 3867992]
R3 iwdbus;@oem54.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\windows\system32\DRIVERS\klflt.sys [2017-03-14 185112]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\windows\system32\DRIVERS\klkbdflt.sys [2015-11-11 52608]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R3 MEIx64;@oem16.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\TeeDriverx64.sys [2014-03-18 99288]
R3 RTL8168;@oem52.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 839896]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 klelam;klelam; C:\windows\system32\DRIVERS\klelam.sys [2015-06-24 30328]
S3 dg_ssudbus;@oem60.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem53.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 ssudmdm;@oem61.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem62.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [2015-12-22 236928]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-01-17 3042032]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-08-12 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-08-12 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-03-18 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-18 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-18 390616]
R2 lxbk_device;lxbk_device; C:\windows\system32\lxbkcoms.exe [2008-02-19 565928]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-03-27 290520]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14 271960]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-02-25 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [2015-12-22 152488]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe [2017-03-20 404376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-20 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\w3logsvc.dll
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; %windir%\system32\svchost.exe -k iissvcs;"ServiceDll" = %windir%\system32\inetsrv\iisw3adm.dll

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slooow PC

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk


:services
McComponentHostService

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00

Re: Slooow PC

#8 Post by Huso »

All processes killed
========== FILES ==========
C:\Program Files\McAfee Security Scan\3.11.523\sacoredata folder moved successfully.
Folder move failed. C:\Program Files\McAfee Security Scan\3.11.523 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\McAfee Security Scan scheduled to be moved on reboot.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
========== SERVICES/DRIVERS ==========
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: HP
->Temp folder emptied: 8867852 bytes
->Temporary Internet Files folder emptied: 5964743 bytes
->FireFox cache emptied: 288515686 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 776 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27474517 bytes
RecycleBin emptied: 45568 bytes

Total Files Cleaned = 316,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: HP
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04122017_160655

Files moved on Reboot...
C:\Program Files\McAfee Security Scan\3.11.523 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Users\HP\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\HP\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
C:\windows\temp\HP Support Framework\HPSF_Config1.dll moved successfully.
File move failed. C:\windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
C:\windows\temp\HP-PC-20170410-0844.log moved successfully.
C:\windows\temp\obu13F1.tmp moved successfully.
C:\windows\temp\obu151B.tmp moved successfully.
C:\windows\temp\obu157A.tmp moved successfully.
C:\windows\temp\obu700D.tmp moved successfully.
C:\windows\temp\obuEB0F.tmp moved successfully.
C:\windows\temp\officeclicktorun.exe_c2ruidll(201704100844565FC).log moved successfully.
C:\windows\temp\officeclicktorun.exe_streamserver(201704100844565FC).log moved successfully.

Registry entries deleted on Reboot...

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00

Re: Slooow PC

#9 Post by Huso »

Logfile of random's system information tool 1.16 (written by random/random)
Run by HP at 2017-04-12 16:30:59
Microsoft Windows 8.1 so službou Bing
System drive C: has 407 GB (87%) free of 467 GB
Total RAM: 3984 MB (50% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:08, on 12.4.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
C:\Program Files\trend micro\HP_RSITx64(2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.1 (AVP16.0.1) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: klvssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxbk_device - - C:\windows\system32\lxbkcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11268 bytes

====== Enumerating Processes ======

C:\windows\system32\wininit.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\dwm.exe
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe" -r
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe"
"c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe" -s KROS_20400
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\system32\lxbkcoms.exe -service
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe" -hidden
C:\windows\system32\SearchIndexer.exe /Embedding
C:\Program Files\Classic Shell\ClassicStartMenu.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe"
"C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exe"
"C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe" /StartUp
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
C:\windows\system32\taskeng.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\msiexec.exe /V
C:\windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\System32\rundll32.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\windows\system32\RunDll32.exe" "C:\windows\system32\WerConCpl.dll", LaunchErcApp -responsepester
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
"C:\Users\HP\Desktop\RSITx64(2).exe"
"C:\windows\system32\SearchFilterHost.exe" 0 604 608 616 65536 612
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\taskhost.exe

====== Scheduled tasks folder ======

C:\windows\tasks\HPCeeScheduleForHP.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)
C:\windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\BrowserChoice\browserchoice.exe /launch
C:\windows\system32\tasks\HPCeeScheduleForHP - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForHP (null)
C:\windows\system32\tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1940277907-3814265933-3346958118-1001 - %localappdata%\Microsoft\OneDrive\OneDrive.exe /autoupdate
C:\windows\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\windows\system32\tasks\User_Feed_Synchronization-{A52CA3FF-104F-46BA-BC04-E3A96EFDBEB7} - C:\windows\system32\msfeedssync.exe sync
C:\windows\system32\tasks\{838E6F4C-3D17-436B-8B4E-1A7874C62442} - C:\windows\system32\pcalua.exe -a C:\Users\HP\Downloads\OfficeExcel2003XMLToolsAddin.exe -d C:\Users\HP\Downloads
C:\windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1940277907-3814265933-3346958118-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\windows\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\windows\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\windows\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\windows\system32\sc.exe start wuauserv
C:\windows\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\windows\system32\sc.exe start wuauserv
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\windows\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\windows\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\windows\system32\MRT.exe /EHB /Q
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\windows\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\windows\system32\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport
C:\windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll


C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions\
2020Player_IKEA@2020Technologies.com

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\addons.json

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions.json
20-20 3D Viewer - IKEA - extension - 2020Player_IKEA@2020Technologies.com - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\extensions\2020Player_IKEA@2020Technologies.com
Kaspersky Protection - extension - light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\features\{b9bb0f3d-e970-4d78-b439-68bb21e1d265}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\features\{b9bb0f3d-e970-4d78-b439-68bb21e1d265}\e10srollout@mozilla.org.xpi

C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\o4a0yb2d.default\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.148 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll

=========Google Chrome=========

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Web Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Docs 0.0.0.6
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 6.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.5
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension flliilndjeohchalpbbcdekjklbdgfkk
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lpeeaghdjmhlakojjcgfdhgcejdaefmi
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 7
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm
Homepage:
default_search_provider.search_url:
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi]
"Path"=https://chrome.google.com/webstore/deta ... gcejdaefmi


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02 972976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21 440712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03993315-5CE9-4F00-8790-D14A94F1D91A}]
Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02 751336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21 416320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2016-12-02 972976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
{001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - Kaspersky Protection Toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2016-12-02 751336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-27 13667032]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-02-25 391152]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2014-02-25 771568]
"Persistence"=C:\windows\system32\igfxpers.exe [2014-02-25 770544]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"lxbkbmgr.exe"=C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [2008-02-28 74408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-03-03 9364696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05 111576]
"CLVirtualDrive"=c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2013-08-07 490760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-04-12 16:17:03 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2017-04-12 16:06:55 ----D---- C:\_OTM
2017-04-12 10:27:26 ----A---- C:\windows\SYSWOW64\msvcp120_clr0400.dll
2017-04-12 10:27:26 ----A---- C:\windows\system32\msvcp120_clr0400.dll
2017-04-12 10:27:24 ----A---- C:\windows\SYSWOW64\msvcr120_clr0400.dll
2017-04-12 10:27:24 ----A---- C:\windows\system32\msvcr120_clr0400.dll
2017-04-12 09:51:41 ----A---- C:\windows\system32\mshtml.dll
2017-04-12 09:51:38 ----A---- C:\windows\SYSWOW64\mshtml.dll
2017-04-12 09:51:37 ----A---- C:\windows\system32\ieframe.dll
2017-04-12 09:51:36 ----A---- C:\windows\SYSWOW64\ieframe.dll
2017-04-12 09:51:35 ----A---- C:\windows\SYSWOW64\jscript9.dll
2017-04-12 09:51:34 ----A---- C:\windows\system32\wuaueng.dll
2017-04-12 09:51:34 ----A---- C:\windows\system32\win32k.sys
2017-04-12 09:51:32 ----A---- C:\windows\SYSWOW64\wininet.dll
2017-04-12 09:51:32 ----A---- C:\windows\system32\wininet.dll
2017-04-12 09:51:31 ----A---- C:\windows\SYSWOW64\storagewmi.dll
2017-04-12 09:51:31 ----A---- C:\windows\system32\storagewmi.dll
2017-04-12 09:51:31 ----A---- C:\windows\system32\iertutil.dll
2017-04-12 09:51:26 ----A---- C:\windows\SYSWOW64\mispace.dll
2017-04-12 09:51:26 ----A---- C:\windows\SYSWOW64\iertutil.dll
2017-04-12 09:51:26 ----A---- C:\windows\system32\ole32.dll
2017-04-12 09:51:26 ----A---- C:\windows\system32\mispace.dll
2017-04-12 09:51:25 ----A---- C:\windows\system32\urlmon.dll
2017-04-12 09:51:25 ----A---- C:\windows\system32\rdpcorets.dll
2017-04-12 09:51:25 ----A---- C:\windows\system32\mfmp4srcsnk.dll
2017-04-12 09:51:24 ----A---- C:\windows\SYSWOW64\urlmon.dll
2017-04-12 09:51:24 ----A---- C:\windows\SYSWOW64\ole32.dll
2017-04-12 09:51:24 ----A---- C:\windows\SYSWOW64\mfmp4srcsnk.dll
2017-04-12 09:51:23 ----A---- C:\windows\system32\drivers\WdFilter.sys
2017-04-12 09:51:22 ----A---- C:\windows\system32\wuapi.dll
2017-04-12 09:51:22 ----A---- C:\windows\system32\samsrv.dll
2017-04-12 09:51:22 ----A---- C:\windows\system32\quartz.dll
2017-04-12 09:51:22 ----A---- C:\windows\system32\netlogon.dll
2017-04-12 09:51:22 ----A---- C:\windows\system32\gdi32.dll
2017-04-12 09:51:21 ----A---- C:\windows\SYSWOW64\quartz.dll
2017-04-12 09:51:21 ----A---- C:\windows\SYSWOW64\gdi32.dll
2017-04-12 09:51:21 ----A---- C:\windows\system32\WindowsCodecs.dll
2017-04-12 09:51:21 ----A---- C:\windows\system32\win32spl.dll
2017-04-12 09:51:21 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2017-04-12 09:51:20 ----A---- C:\windows\SYSWOW64\wuapi.dll
2017-04-12 09:51:20 ----A---- C:\windows\SYSWOW64\SessEnv.dll
2017-04-12 09:51:20 ----A---- C:\windows\system32\SessEnv.dll
2017-04-12 09:51:19 ----A---- C:\windows\SYSWOW64\netlogon.dll
2017-04-12 09:51:19 ----A---- C:\windows\system32\wucltux.dll
2017-04-12 09:51:19 ----A---- C:\windows\system32\drivers\ndis.sys
2017-04-12 09:51:18 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2017-04-12 09:51:18 ----A---- C:\windows\system32\ucrtbase.dll
2017-04-12 09:51:18 ----A---- C:\windows\system32\puiobj.dll
2017-04-12 09:51:18 ----A---- C:\windows\system32\drivers\WdNisDrv.sys
2017-04-12 09:51:18 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2017-04-12 09:51:17 ----A---- C:\windows\SYSWOW64\atmfd.dll
2017-04-12 09:51:17 ----A---- C:\windows\system32\msfeeds.dll
2017-04-12 09:51:17 ----A---- C:\windows\system32\atmfd.dll
2017-04-12 09:51:16 ----A---- C:\windows\system32\WinSCard.dll
2017-04-12 09:51:16 ----A---- C:\windows\system32\certprop.dll
2017-04-12 09:51:15 ----A---- C:\windows\SYSWOW64\DafPrintProvider.dll
2017-04-12 09:51:15 ----A---- C:\windows\system32\drivers\storport.sys
2017-04-12 09:51:15 ----A---- C:\windows\system32\DafPrintProvider.dll
2017-04-12 09:51:14 ----A---- C:\windows\SYSWOW64\WinSCard.dll
2017-04-12 09:51:14 ----A---- C:\windows\system32\ScDeviceEnum.dll
2017-04-12 09:51:14 ----A---- C:\windows\system32\drivers\WdBoot.sys
2017-04-12 09:51:13 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2017-04-12 09:51:12 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2017-04-12 09:51:12 ----A---- C:\windows\system32\drivers\dfsc.sys
2017-04-12 09:51:11 ----A---- C:\windows\system32\samlib.dll
2017-04-12 09:51:11 ----A---- C:\windows\system32\drivers\http.sys
2017-04-12 09:51:11 ----A---- C:\windows\system32\drivers\BasicRender.sys
2017-04-12 09:51:10 ----A---- C:\windows\system32\rdpudd.dll
2017-04-12 09:51:10 ----A---- C:\windows\system32\drivers\spaceport.sys
2017-04-12 09:51:09 ----A---- C:\windows\SYSWOW64\samlib.dll
2017-04-12 09:51:08 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2017-04-12 09:51:04 ----A---- C:\windows\SYSWOW64\asycfilt.dll
2017-04-12 09:51:04 ----A---- C:\windows\system32\wuauclt.exe
2017-04-12 09:51:04 ----A---- C:\windows\system32\jscript.dll
2017-04-12 09:51:03 ----A---- C:\windows\system32\WUSettingsProvider.dll
2017-04-12 09:51:03 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2017-04-12 09:51:03 ----A---- C:\windows\system32\asycfilt.dll
2017-04-12 09:51:02 ----A---- C:\windows\system32\webcheck.dll
2017-04-12 09:51:02 ----A---- C:\windows\system32\jscript9.dll
2017-04-12 09:51:01 ----A---- C:\windows\SYSWOW64\webcheck.dll
2017-04-12 09:51:01 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2017-04-12 09:51:01 ----A---- C:\windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 09:51:01 ----A---- C:\windows\system32\mfmjpegdec.dll
2017-04-12 09:51:01 ----A---- C:\windows\system32\iedkcs32.dll
2017-04-12 09:51:00 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2017-04-12 09:50:59 ----A---- C:\windows\system32\inetcomm.dll
2017-04-12 09:50:59 ----A---- C:\windows\system32\ie4uinit.exe
2017-04-12 09:50:59 ----A---- C:\windows\system32\drivers\scfilter.sys
2017-04-12 09:50:58 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2017-04-12 09:50:58 ----A---- C:\windows\SYSWOW64\wudriver.dll
2017-04-12 09:50:58 ----A---- C:\windows\SYSWOW64\vbscript.dll
2017-04-12 09:50:58 ----A---- C:\windows\SYSWOW64\jscript.dll
2017-04-12 09:50:58 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2017-04-12 09:50:58 ----A---- C:\windows\system32\wuwebv.dll
2017-04-12 09:50:58 ----A---- C:\windows\system32\wudriver.dll
2017-04-12 09:50:58 ----A---- C:\windows\system32\vbscript.dll
2017-04-12 09:50:58 ----A---- C:\windows\system32\ieapfltr.dll
2017-04-12 09:50:57 ----A---- C:\windows\SYSWOW64\wuapp.exe
2017-04-12 09:50:57 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2017-04-12 09:50:57 ----A---- C:\windows\SYSWOW64\atmlib.dll
2017-04-12 09:50:57 ----A---- C:\windows\system32\wuapp.exe
2017-04-12 09:50:57 ----A---- C:\windows\system32\atmlib.dll
2017-04-10 08:15:00 ----D---- C:\Program Files\CCleaner
2017-04-10 08:13:27 ----D---- C:\Program Files (x86)\Google
2017-04-06 08:32:50 ----D---- C:\AdwCleaner
2017-04-05 17:47:09 ----D---- C:\Program Files\trend micro
2017-04-05 17:47:06 ----D---- C:\rsit
2017-04-05 15:45:01 ----D---- C:\Program Files (x86)\Adobe
2017-03-15 09:14:16 ----A---- C:\windows\SYSWOW64\iepeers.dll
2017-03-15 09:14:16 ----A---- C:\windows\system32\iepeers.dll
2017-03-15 09:14:15 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2017-03-15 09:14:09 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2017-03-15 09:14:06 ----A---- C:\windows\system32\dxtrans.dll
2017-03-15 09:14:03 ----A---- C:\windows\system32\ntoskrnl.exe
2017-03-15 09:13:59 ----A---- C:\windows\system32\winresume.exe
2017-03-15 09:13:58 ----A---- C:\windows\system32\winload.exe
2017-03-15 09:13:56 ----A---- C:\windows\system32\glcndFilter.dll
2017-03-15 09:13:55 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2017-03-15 09:13:54 ----A---- C:\windows\system32\DWrite.dll
2017-03-15 09:13:53 ----A---- C:\windows\SYSWOW64\DWrite.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\wow64.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\lsasrv.dll
2017-03-15 09:13:53 ----A---- C:\windows\system32\FntCache.dll
2017-03-15 09:13:49 ----A---- C:\windows\system32\msxml3.dll
2017-03-15 09:13:49 ----A---- C:\windows\system32\GdiPlus.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\msxml3.dll
2017-03-15 09:13:48 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2017-03-15 09:13:47 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2017-03-15 09:13:47 ----A---- C:\windows\system32\dnsapi.dll
2017-03-15 09:13:46 ----A---- C:\windows\SYSWOW64\dnsapi.dll
2017-03-15 09:13:45 ----A---- C:\windows\system32\microsoft-windows-system-events.dll
2017-03-15 09:13:43 ----A---- C:\windows\system32\drivers\srv2.sys
2017-03-15 09:13:42 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2017-03-15 09:13:41 ----A---- C:\windows\SYSWOW64\adtschema.dll
2017-03-15 09:13:41 ----A---- C:\windows\system32\ieetwcollector.exe
2017-03-15 09:13:41 ----A---- C:\windows\system32\adtschema.dll
2017-03-15 09:13:40 ----A---- C:\windows\system32\wininit.exe
2017-03-15 09:13:40 ----A---- C:\windows\system32\drivers\srv.sys
2017-03-15 09:13:40 ----A---- C:\windows\HelpPane.exe
2017-03-15 09:13:39 ----A---- C:\windows\SYSWOW64\mscms.dll
2017-03-15 09:13:39 ----A---- C:\windows\system32\mscms.dll
2017-03-15 09:13:39 ----A---- C:\windows\system32\drivers\cng.sys
2017-03-15 09:13:38 ----A---- C:\windows\SYSWOW64\icm32.dll
2017-03-15 09:13:38 ----A---- C:\windows\system32\icm32.dll
2017-03-15 09:13:37 ----A---- C:\windows\SYSWOW64\certcli.dll
2017-03-15 09:13:37 ----A---- C:\windows\system32\dnsrslvr.dll
2017-03-15 09:13:37 ----A---- C:\windows\system32\certcli.dll
2017-03-15 09:13:36 ----A---- C:\windows\SYSWOW64\msobjs.dll
2017-03-15 09:13:36 ----A---- C:\windows\system32\msobjs.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\pcasvc.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\invagent.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\generaltel.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\devinv.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\CompatTelRunner.exe
2017-03-15 09:07:51 ----A---- C:\windows\system32\centel.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\appraiser.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\aepic.dll
2017-03-15 09:07:51 ----A---- C:\windows\system32\aeinv.dll
2017-03-15 09:07:50 ----A---- C:\windows\system32\acmigration.dll

====== List of files/folders modified in the last 1 month ======

2017-04-12 16:31:07 ----D---- C:\windows\Temp
2017-04-12 16:31:06 ----D---- C:\windows\Prefetch
2017-04-12 16:27:36 ----D---- C:\windows\Inf
2017-04-12 16:27:34 ----D---- C:\windows\debug
2017-04-12 16:27:34 ----D---- C:\Windows
2017-04-12 16:25:41 ----D---- C:\windows\system32\config
2017-04-12 16:23:51 ----D---- C:\ProgramData\firebird
2017-04-12 16:23:02 ----RD---- C:\windows\System32
2017-04-12 16:23:02 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-04-12 16:17:27 ----RD---- C:\Program Files
2017-04-12 16:17:26 ----D---- C:\ProgramData\Kaspersky Lab
2017-04-12 16:17:13 ----D---- C:\windows\Microsoft.NET
2017-04-12 16:17:10 ----D---- C:\windows\WinSxS
2017-04-12 16:17:03 ----D---- C:\windows\SysWOW64
2017-04-12 16:16:23 ----D---- C:\windows\system32\DriverStore
2017-04-12 16:16:05 ----SHD---- C:\System Volume Information
2017-04-12 16:10:50 ----RD---- C:\windows\ToastData
2017-04-12 16:10:48 ----D---- C:\Program Files\Windows Defender
2017-04-12 16:10:48 ----D---- C:\Program Files\Internet Explorer
2017-04-12 16:10:48 ----D---- C:\Program Files (x86)\Windows Defender
2017-04-12 16:10:48 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-12 16:10:47 ----D---- C:\windows\SYSWOW64\wbem
2017-04-12 16:10:47 ----D---- C:\windows\SYSWOW64\sk-SK
2017-04-12 16:10:47 ----D---- C:\windows\SYSWOW64\inetsrv
2017-04-12 16:10:47 ----D---- C:\windows\SYSWOW64\en-US
2017-04-12 16:10:46 ----D---- C:\windows\system32\wbem
2017-04-12 16:10:46 ----D---- C:\windows\system32\sk-SK
2017-04-12 16:10:46 ----D---- C:\windows\system32\inetsrv
2017-04-12 16:10:46 ----D---- C:\windows\system32\en-US
2017-04-12 16:10:46 ----D---- C:\windows\system32\drivers\en-US
2017-04-12 16:10:46 ----D---- C:\windows\system32\drivers
2017-04-12 16:00:00 ----D---- C:\windows\system32\sru
2017-04-12 10:33:07 ----D---- C:\windows\system32\MRT
2017-04-12 10:30:18 ----AC---- C:\windows\system32\MRT.exe
2017-04-12 10:30:09 ----D---- C:\windows\CbsTemp
2017-04-12 10:27:58 ----D---- C:\windows\system32\catroot2
2017-04-12 09:23:01 ----D---- C:\windows\system32\Macromed
2017-04-12 09:22:56 ----D---- C:\windows\SYSWOW64\Macromed
2017-04-11 15:46:14 ----D---- C:\temp
2017-04-11 15:45:34 ----D---- C:\Users\HP\AppData\Roaming\ClassicShell
2017-04-10 08:49:48 ----SHD---- C:\windows\Installer
2017-04-10 08:49:48 ----D---- C:\ProgramData\Package Cache
2017-04-10 08:49:46 ----RD---- C:\Program Files (x86)
2017-04-10 08:49:46 ----D---- C:\ProgramData\Avira
2017-04-10 08:38:13 ----D---- C:\windows\system32\Tasks
2017-04-10 08:36:24 ----D---- C:\Users\HP\AppData\Roaming\Avira
2017-04-10 08:29:10 ----D---- C:\windows\Panther
2017-04-10 08:29:09 ----D---- C:\windows\Logs
2017-04-10 08:25:11 ----D---- C:\windows\Tasks
2017-04-05 15:42:32 ----D---- C:\ProgramData\Adobe
2017-03-30 10:30:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-30 10:30:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-03-24 09:58:10 ----RSD---- C:\windows\assembly
2017-03-24 08:58:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 08:56:50 ----D---- C:\Program Files\Microsoft Office 15
2017-03-20 12:35:06 ----D---- C:\windows\rescache
2017-03-20 09:55:37 ----D---- C:\windows\system32\appraiser
2017-03-20 09:55:36 ----D---- C:\windows\apppatch
2017-03-15 09:24:09 ----D---- C:\windows\AppReadiness
2017-03-15 09:24:08 ----HD---- C:\Program Files\WindowsApps
2017-03-14 12:28:20 ----D---- C:\windows\system32\catroot

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 kl1;kl1; C:\windows\system32\DRIVERS\kl1.sys [2015-09-11 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R1 CLVirtualDrive;CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\windows\system32\DRIVERS\klbackupflt.sys [2015-12-01 79752]
R1 klhk;@oem89.inf,%klhkDisplayName%;Kaspersky Lab service driver; C:\windows\system32\DRIVERS\klhk.sys [2017-03-14 244448]
R1 KLIF;Kaspersky Lab Driver; C:\windows\system32\DRIVERS\klif.sys [2017-03-14 1000160]
R1 KLIM6;@oem66.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\windows\system32\DRIVERS\klim6.sys [2016-05-05 51288]
R1 klpd;Kaspersky Lab format recognizer driver; C:\windows\system32\DRIVERS\klpd.sys [2015-12-07 45960]
R1 klwfp;klwfp; C:\windows\system32\DRIVERS\klwfp.sys [2016-08-16 87984]
R1 Klwtp;KLwtp - WFP callout traffic inspector; C:\windows\system32\DRIVERS\klwtp.sys [2017-03-14 116448]
R1 kneps;kneps; C:\windows\system32\DRIVERS\kneps.sys [2015-12-03 194440]
R2 kldisk;kldisk; C:\windows\system32\DRIVERS\kldisk.sys [2015-12-02 78200]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-02-25 4221440]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-03-27 3867992]
R3 iwdbus;@oem54.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 klflt;Kaspersky Lab Kernel DLL; C:\windows\system32\DRIVERS\klflt.sys [2017-03-14 185112]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\windows\system32\DRIVERS\klkbdflt.sys [2015-11-11 52608]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41656]
R3 MEIx64;@oem16.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\System32\drivers\TeeDriverx64.sys [2014-03-18 99288]
R3 RTL8168;@oem52.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-03-26 839896]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 klelam;klelam; C:\windows\system32\DRIVERS\klelam.sys [2015-06-24 30328]
S3 dg_ssudbus;@oem60.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem53.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 ssudmdm;@oem61.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem62.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 AVP16.0.1;Služba Kaspersky Anti-Virus 16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [2015-12-22 236928]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-01-17 3042032]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-08-12 77576]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-08-12 298760]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-03-18 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-18 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-18 390616]
R2 lxbk_device;lxbk_device; C:\windows\system32\lxbkcoms.exe [2008-02-19 565928]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-03-27 290520]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-04-28 1102472]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12 271448]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-10-20 50864]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll" = %SystemRoot%\System32\BthHFSrv.dll
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-02-25 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-11 822232]
S3 klvssbrigde64;klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [2015-12-22 152488]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-20 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\w3logsvc.dll
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; %windir%\system32\svchost.exe -k iissvcs;"ServiceDll" = %windir%\system32\inetsrv\iisw3adm.dll

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slooow PC

#10 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00

Re: Slooow PC

#11 Post by Huso »

It has sped up considerably. But I still have the feeling that something is running in the background... I can hear it, too. Yet I haven't knowingly started any process...

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slooow PC

#12 Post by Rudy »

Of course some software on the PC runs in the background. Also try a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

Huso
Visitor
Posts: 171
Registered: 18 Nov 2007 19:00

Re: Slooow PC

#13 Post by Huso »

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 18.04.17
Čas skenovania: 14:17
Súbor denníka: malware log.txt
Správca: Áno

-Údaje o softvéri-
Verzia: 3.0.6.1469
Verzia súčastí: 1.0.103
Aktualizovať verziu balíka: 1.0.1753
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 8.1
Procesor: x64
Systém súborov: NTFS
Používateľ: HP-PC\HP

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Výsledok: Dokončené
Preskenované objekty: 330041
Uplynulý čas: 3 min, 11 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Povolené
PUM: Povolené

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 0
(Nezistili sa nijaké škodlivé položky)

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slooow PC

#14 Post by Rudy »

As far as malware is concerned, your PC is completely clean.