Dobry den,
prosim o kontrolu logu PC.Seka se net, ale zpomalene jsou i aplikace....
info.txt logfile of random's system information tool 1.10 2015-05-08 20:45:35
======MBR======
0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9AFD6D1876000000010100422020003F000000C107000080202100425E38260008000000600900005E392642FEFFFF006809000060731F00FEFFFF42FEFFFF00C87C1F3090BB1A55AA
======Uninstall list======
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
ArcSoft Webcam Sharing Manager-->MsiExec.exe /X{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}
BitComet 1.37 64-bit-->C:\Program Files\BitComet\uninst.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CleanUp!-->C:\Program Files (x86)\CleanUp!\uninstall.exe
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Foxit Advanced PDF Editor 3-->"C:\Program Files (x86)\Foxit Software\Foxit Advanced PDF Editor\unins000.exe"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HP Backlit Keyboard Controls-->MsiExec.exe /X{CD4F3229-4A37-463F-98A3-3DEEEEE8492C}
HP Deskjet 3050 J610 series Nápověda-->MsiExec.exe /I{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}
HP HD Webcam Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe" -runfromtemp -l0x0405 -removeonly
HP Hotkey Support-->MsiExec.exe /X{C97CC14E-4789-4FC5-BC75-79191F7CE009}
HP Photo Creations-->C:\Program Files (x86)\HP Photo Creations\uninst.exe
HP Software Framework-->MsiExec.exe /X{6CFAFC70-7191-4E07-AD9C-E7E0E564D6E1}
HP Support Solutions Framework-->MsiExec.exe /I{FC3C2B77-6800-48C6-A15D-9D1031130C16}
HP System Default Settings-->MsiExec.exe /X{F4F3B985-9B21-4D67-B1B2-2829C5D392E8}
HP Update-->MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\Setup.exe" -remove -removeonly
Intel(R) Network Connections Drivers-->Prounstl.exe
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed-->MsiExec.exe /X{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}
Intel(R) Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
Kaspersky Internet Security-->MsiExec.exe /I{02FECEE0-16B2-43DB-BC3B-C844477FC142}
Kaspersky Internet Security-->MsiExec.exe /I{02FECEE0-16B2-43DB-BC3B-C844477FC142} REMOVE=ALL
KeePass Password Safe 1.29-->"C:\Program Files (x86)\KeePass Password Safe\unins000.exe"
Microsoft .NET Framework 4.5.2 (CSY)-->MsiExec.exe /X{C48AF3CF-C632-3C19-838E-7DAB7283D46A}
Microsoft .NET Framework 4.5.2 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.2-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.2-->MsiExec.exe /X{26784146-6E05-3FF9-9335-786C7C0FB5BE}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053-->MsiExec.exe /X{B6E3757B-5E77-3915-866A-CCFC4B8D194C}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Mindjet 14-->MsiExec.exe /I{5C1060A2-462B-4883-A26A-065EEF6E35DF}
PDF-XChange 2012-->"C:\Program Files (x86)\Mindjet\MindManager 14\PDF-XChange\PDF-XChange 5\unins000.exe"
PDF-XChange Editor-->"C:\ProgramData\Package Cache\{f539ee85-0a50-4518-b879-f3188aeaa57b}\PDFXVE5.exe" /uninstall
PDF-XChange Editor-->MsiExec.exe /I{8186DD8A-CB32-4190-AAD7-6CAE37830AFE}
Security Update for Microsoft .NET Framework 4.5.2 (KB2972107)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {59923C0F-51CB-3F2C-8465-E69019472533}
Security Update for Microsoft .NET Framework 4.5.2 (KB2972216)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {47FA5DCB-D13C-331E-BC32-65E53BDD949C}
Security Update for Microsoft .NET Framework 4.5.2 (KB2978128)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {8B856ECB-ED10-3F9E-880D-03A278EF3FB6}
Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {48006B2D-366F-3386-92C7-785D3A523042}
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe /uninstallpatch {99A495FF-BC65-375D-B3C9-934E1DE4F558}
Skype™ 7.2-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Studie vylepšování produktu HP Deskjet 3050 J610 series-->MsiExec.exe /I{8310B4FA-2ADE-4022-BD5A-28C4BDADC7D2}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Validity Fingerprint Sensor Driver-->MsiExec.exe /X{697E5298-CF76-43A3-AC9D-6AE2FA0F2B43}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows 7 USB/DVD Download Tool-->MsiExec.exe /X{CCF298AF-9CE1-4B26-B251-486E98A34789}
WinRAR 5.10 (64-bitowy)-->C:\Program Files\WinRAR\uninstall.exe
Základní software zařízení HP Deskjet 3050 J610 series-->MsiExec.exe /I{A74FCB98-0C9F-4D35-8F81-79BD5AA6A88F}
Základní software zařízení HP Deskjet 3050A J611 series-->MsiExec.exe /I{E520AF6F-F5E5-4307-B970-84E3B9B6A2B0}
======System event log======
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20101121035831.108772-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20101121035831.108772-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Power byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20101121035831.108772-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20101121035831.093172-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20150203175357.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20150203175354.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20150203175350.677297-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20150203175350.000000-000
Event Type: Informace
User:
Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.
Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150203175326.185253-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1d8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150203175326.185253-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x30752
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150203175321.692446-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150203175319.976443-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150203175319.945243-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Skype\Phone\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomale PC - podezreni na malware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Time2Groove
- 2. Stupeň Varování
- Příspěvky: 147
- Registrován: 23 říj 2005 18:22
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomale PC - podezreni na malware
Zdravím!
Poprosím o obsah souboru log.txt. Toto je info.txt a z něj nevyčtu nic. Děkuji.
Poprosím o obsah souboru log.txt. Toto je info.txt a z něj nevyčtu nic. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Time2Groove
- 2. Stupeň Varování
- Příspěvky: 147
- Registrován: 23 říj 2005 18:22
Re: pomale PC - podezreni na malware
sorry 
Logfile of random's system information tool 1.10 (written by random/random)
Run by milan at 2015-05-08 20:45:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 199 GB (77%) free of 258 GB
Total RAM: 4005 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:31, on 8.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\milan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send Image To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/201
O8 - Extra context menu item: Send Link To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/203
O8 - Extra context menu item: Send Page To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/204
O8 - Extra context menu item: Send Text To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/202
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Send to Mindjet - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11411 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\Explorer.EXE
taskeng.exe {4906122A-CBEE-45E3-AA36-72DA4525D94D}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1164.0.1807140761\1427221276" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2963 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1164 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1164.2.1824229603\1234089473" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1164 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1164.3.1978334934\844610753" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1164 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1164.6.877746048\999370087" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\milan\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06 82248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-30 172016]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-30 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2013-12-31 17257648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-04-30 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [2013-09-06 42312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-16 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 20:45:21 ----D---- C:\rsit
2015-05-08 20:45:21 ----D---- C:\Program Files\trend micro
2015-05-01 12:03:02 ----D---- C:\Windows\pss
2015-05-01 11:55:35 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2015-05-01 11:29:20 ----D---- C:\ProgramData\Visan
2015-05-01 11:29:20 ----D---- C:\ProgramData\HP Photo Creations
2015-05-01 11:29:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2015-05-01 11:29:10 ----D---- C:\Users\milan\AppData\Roaming\HpUpdate
2015-05-01 11:29:04 ----N---- C:\Windows\system32\HPDiscoPM9311.dll
2015-05-01 11:28:56 ----D---- C:\ProgramData\HP
2015-05-01 11:28:56 ----D---- C:\Program Files\HP
2015-05-01 11:28:50 ----A---- C:\ProgramData\Ament.ini
2015-05-01 11:15:16 ----D---- C:\Program Files (x86)\Hp
2015-04-26 14:38:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-26 14:38:04 ----D---- C:\Windows\system32\appraiser
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-26 08:00:33 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\invagent.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\generaltel.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\devinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\appraiser.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aepic.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aeinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\acmigration.dll
2015-04-26 08:00:21 ----A---- C:\Windows\system32\aepdu.dll
2015-04-26 08:00:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-26 08:00:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-26 08:00:15 ----A---- C:\Windows\system32\msxml3.dll
2015-04-26 08:00:14 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\kernel32.dll
2015-04-26 07:59:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-26 07:59:52 ----A---- C:\Windows\system32\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\wow64win.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\winsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srcore.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\smss.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\rstrui.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\lsass.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\conhost.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\auditpol.exe
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\adtschema.dll
2015-04-26 07:59:06 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\iernonce.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-26 07:59:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\urlmon.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-26 07:58:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\iesetup.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-26 07:58:56 ----A---- C:\Windows\system32\iertutil.dll
2015-04-26 07:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieui.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\ieframe.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\wininet.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\vbscript.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\msrating.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-26 07:58:51 ----A---- C:\Windows\system32\mshtml.dll
2015-04-26 07:58:19 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfs.sys
======List of files/folders modified in the last 1 month======
2015-05-08 20:45:31 ----D---- C:\Windows\Prefetch
2015-05-08 20:45:26 ----D---- C:\Windows\Temp
2015-05-08 20:45:21 ----RD---- C:\Program Files
2015-05-08 20:39:56 ----D---- C:\ProgramData\Kaspersky Lab
2015-05-08 20:39:46 ----SHD---- C:\System Volume Information
2015-05-08 20:38:49 ----D---- C:\Windows\system32\config
2015-05-08 19:19:34 ----D---- C:\Program Files (x86)\KeePass Password Safe
2015-05-05 21:55:43 ----D---- C:\Users\milan\AppData\Roaming\BitComet
2015-05-05 21:44:25 ----D---- C:\Windows\System32
2015-05-05 21:44:25 ----D---- C:\Windows\inf
2015-05-05 21:44:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-05 21:24:34 ----D---- C:\Users\milan\AppData\Roaming\vlc
2015-05-05 21:03:42 ----D---- C:\Downloads
2015-05-03 10:54:58 ----D---- C:\Windows
2015-05-01 15:41:29 ----D---- C:\Users\milan\AppData\Roaming\Skype
2015-05-01 12:08:24 ----D---- C:\Windows\debug
2015-05-01 11:56:31 ----D---- C:\Windows\system32\Tasks
2015-05-01 11:55:39 ----SHD---- C:\Windows\Installer
2015-05-01 11:55:31 ----D---- C:\Windows\system32\DriverStore
2015-05-01 11:55:28 ----D---- C:\Windows\system32\drivers
2015-05-01 11:55:15 ----D---- C:\Windows\twain_32
2015-05-01 11:29:21 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-05-01 11:29:20 ----RD---- C:\Program Files (x86)
2015-05-01 11:29:20 ----HD---- C:\ProgramData
2015-05-01 11:15:37 ----RSD---- C:\Windows\assembly
2015-05-01 11:15:17 ----RSD---- C:\Windows\Fonts
2015-04-28 06:50:22 ----D---- C:\Windows\AppCompat
2015-04-27 19:52:33 ----D---- C:\Windows\system32\catroot2
2015-04-26 16:16:21 ----D---- C:\Windows\rescache
2015-04-26 14:57:38 ----D---- C:\Windows\Microsoft.NET
2015-04-26 14:40:03 ----D---- C:\Windows\winsxs
2015-04-26 14:38:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\SysWOW64
2015-04-26 14:38:04 ----D---- C:\Windows\system32\wbem
2015-04-26 14:38:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-26 14:38:03 ----SD---- C:\ProgramData\Microsoft
2015-04-26 14:38:03 ----D---- C:\Windows\AppPatch
2015-04-26 14:37:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-26 14:37:57 ----D---- C:\Program Files\Internet Explorer
2015-04-26 14:37:56 ----D---- C:\Windows\system32\en-US
2015-04-26 14:37:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-26 12:57:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-26 12:49:42 ----D---- C:\Windows\system32\MRT
2015-04-26 12:49:38 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2013-01-14 238288]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-03-31 468576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-08 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2014-10-22 245960]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-03-26 842440]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-10-10 30920]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2014-10-09 57032]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-11-10 181960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-03-26 56008]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-16 5358464]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-23 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2014-11-28 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-08-08 29280]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2014-12-23 193400]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-02-15 2602576]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-30 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by milan at 2015-05-08 20:45:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 199 GB (77%) free of 258 GB
Total RAM: 4005 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:31, on 8.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\milan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send Image To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/201
O8 - Extra context menu item: Send Link To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/203
O8 - Extra context menu item: Send Page To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/204
O8 - Extra context menu item: Send Text To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/202
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Send to Mindjet - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11411 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
C:\Windows\Explorer.EXE
taskeng.exe {4906122A-CBEE-45E3-AA36-72DA4525D94D}
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1164.0.1807140761\1427221276" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2963 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1164 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1164.2.1824229603\1234089473" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1164 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1164.3.1978334934\844610753" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1164 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="1164.6.877746048\999370087" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\milan\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06 82248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-30 172016]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-30 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2013-12-31 17257648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-04-30 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [2013-09-06 42312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-16 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 20:45:21 ----D---- C:\rsit
2015-05-08 20:45:21 ----D---- C:\Program Files\trend micro
2015-05-01 12:03:02 ----D---- C:\Windows\pss
2015-05-01 11:55:35 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2015-05-01 11:29:20 ----D---- C:\ProgramData\Visan
2015-05-01 11:29:20 ----D---- C:\ProgramData\HP Photo Creations
2015-05-01 11:29:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2015-05-01 11:29:10 ----D---- C:\Users\milan\AppData\Roaming\HpUpdate
2015-05-01 11:29:04 ----N---- C:\Windows\system32\HPDiscoPM9311.dll
2015-05-01 11:28:56 ----D---- C:\ProgramData\HP
2015-05-01 11:28:56 ----D---- C:\Program Files\HP
2015-05-01 11:28:50 ----A---- C:\ProgramData\Ament.ini
2015-05-01 11:15:16 ----D---- C:\Program Files (x86)\Hp
2015-04-26 14:38:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-26 14:38:04 ----D---- C:\Windows\system32\appraiser
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-26 08:00:33 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\invagent.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\generaltel.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\devinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\appraiser.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aepic.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aeinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\acmigration.dll
2015-04-26 08:00:21 ----A---- C:\Windows\system32\aepdu.dll
2015-04-26 08:00:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-26 08:00:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-26 08:00:15 ----A---- C:\Windows\system32\msxml3.dll
2015-04-26 08:00:14 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\kernel32.dll
2015-04-26 07:59:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-26 07:59:52 ----A---- C:\Windows\system32\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\wow64win.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\winsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srcore.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\smss.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\rstrui.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\lsass.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\conhost.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\auditpol.exe
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\adtschema.dll
2015-04-26 07:59:06 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\iernonce.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-26 07:59:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\urlmon.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-26 07:58:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\iesetup.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-26 07:58:56 ----A---- C:\Windows\system32\iertutil.dll
2015-04-26 07:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieui.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\ieframe.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\wininet.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\vbscript.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\msrating.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-26 07:58:51 ----A---- C:\Windows\system32\mshtml.dll
2015-04-26 07:58:19 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfs.sys
======List of files/folders modified in the last 1 month======
2015-05-08 20:45:31 ----D---- C:\Windows\Prefetch
2015-05-08 20:45:26 ----D---- C:\Windows\Temp
2015-05-08 20:45:21 ----RD---- C:\Program Files
2015-05-08 20:39:56 ----D---- C:\ProgramData\Kaspersky Lab
2015-05-08 20:39:46 ----SHD---- C:\System Volume Information
2015-05-08 20:38:49 ----D---- C:\Windows\system32\config
2015-05-08 19:19:34 ----D---- C:\Program Files (x86)\KeePass Password Safe
2015-05-05 21:55:43 ----D---- C:\Users\milan\AppData\Roaming\BitComet
2015-05-05 21:44:25 ----D---- C:\Windows\System32
2015-05-05 21:44:25 ----D---- C:\Windows\inf
2015-05-05 21:44:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-05 21:24:34 ----D---- C:\Users\milan\AppData\Roaming\vlc
2015-05-05 21:03:42 ----D---- C:\Downloads
2015-05-03 10:54:58 ----D---- C:\Windows
2015-05-01 15:41:29 ----D---- C:\Users\milan\AppData\Roaming\Skype
2015-05-01 12:08:24 ----D---- C:\Windows\debug
2015-05-01 11:56:31 ----D---- C:\Windows\system32\Tasks
2015-05-01 11:55:39 ----SHD---- C:\Windows\Installer
2015-05-01 11:55:31 ----D---- C:\Windows\system32\DriverStore
2015-05-01 11:55:28 ----D---- C:\Windows\system32\drivers
2015-05-01 11:55:15 ----D---- C:\Windows\twain_32
2015-05-01 11:29:21 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-05-01 11:29:20 ----RD---- C:\Program Files (x86)
2015-05-01 11:29:20 ----HD---- C:\ProgramData
2015-05-01 11:15:37 ----RSD---- C:\Windows\assembly
2015-05-01 11:15:17 ----RSD---- C:\Windows\Fonts
2015-04-28 06:50:22 ----D---- C:\Windows\AppCompat
2015-04-27 19:52:33 ----D---- C:\Windows\system32\catroot2
2015-04-26 16:16:21 ----D---- C:\Windows\rescache
2015-04-26 14:57:38 ----D---- C:\Windows\Microsoft.NET
2015-04-26 14:40:03 ----D---- C:\Windows\winsxs
2015-04-26 14:38:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\SysWOW64
2015-04-26 14:38:04 ----D---- C:\Windows\system32\wbem
2015-04-26 14:38:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-26 14:38:03 ----SD---- C:\ProgramData\Microsoft
2015-04-26 14:38:03 ----D---- C:\Windows\AppPatch
2015-04-26 14:37:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-26 14:37:57 ----D---- C:\Program Files\Internet Explorer
2015-04-26 14:37:56 ----D---- C:\Windows\system32\en-US
2015-04-26 14:37:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-26 12:57:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-26 12:49:42 ----D---- C:\Windows\system32\MRT
2015-04-26 12:49:38 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2013-01-14 238288]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-03-31 468576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-08 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2014-10-22 245960]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-03-26 842440]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-10-10 30920]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2014-10-09 57032]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-11-10 181960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-03-26 56008]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-16 5358464]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-23 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2014-11-28 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-08-08 29280]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2014-12-23 193400]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-02-15 2602576]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-30 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomale PC - podezreni na malware
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Time2Groove
- 2. Stupeň Varování
- Příspěvky: 147
- Registrován: 23 říj 2005 18:22
Re: pomale PC - podezreni na malware
# AdwCleaner v4.203 - Log vytvořen 08/05/2015 v 21:15:19
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-08.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : milan - MILAN-PC
# Spuštěno z : C:\Users\milan\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v42.0.2311.135
*************************
AdwCleaner[R1].txt - [760 bytů] - [08/05/2015 21:13:33]
AdwCleaner[S1].txt - [686 bytů] - [08/05/2015 21:15:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [743 bytů] ##########
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-08.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : milan - MILAN-PC
# Spuštěno z : C:\Users\milan\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Google Chrome v42.0.2311.135
*************************
AdwCleaner[R1].txt - [760 bytů] - [08/05/2015 21:13:33]
AdwCleaner[S1].txt - [686 bytů] - [08/05/2015 21:15:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [743 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomale PC - podezreni na malware
Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Time2Groove
- 2. Stupeň Varování
- Příspěvky: 147
- Registrován: 23 říj 2005 18:22
Re: pomale PC - podezreni na malware
Logfile of random's system information tool 1.10 (written by random/random)
Run by milan at 2015-05-08 22:16:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 200 GB (78%) free of 258 GB
Total RAM: 4003 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:47, on 8.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files\trend micro\milan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send Image To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/201
O8 - Extra context menu item: Send Link To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/203
O8 - Extra context menu item: Send Page To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/204
O8 - Extra context menu item: Send Text To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/202
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Send to Mindjet - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11106 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
taskeng.exe {363DE12A-18B2-46BA-8F87-3E8D063347CA}
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\milan\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06 82248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-30 172016]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-30 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2013-12-31 17257648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-04-30 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [2013-09-06 42312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-16 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 22:14:43 ----D---- C:\_OTM
2015-05-08 21:13:30 ----D---- C:\AdwCleaner
2015-05-08 20:45:21 ----D---- C:\rsit
2015-05-08 20:45:21 ----D---- C:\Program Files\trend micro
2015-05-01 12:03:02 ----D---- C:\Windows\pss
2015-05-01 11:55:35 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2015-05-01 11:29:20 ----D---- C:\ProgramData\Visan
2015-05-01 11:29:20 ----D---- C:\ProgramData\HP Photo Creations
2015-05-01 11:29:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2015-05-01 11:29:10 ----D---- C:\Users\milan\AppData\Roaming\HpUpdate
2015-05-01 11:29:04 ----N---- C:\Windows\system32\HPDiscoPM9311.dll
2015-05-01 11:28:56 ----D---- C:\ProgramData\HP
2015-05-01 11:28:56 ----D---- C:\Program Files\HP
2015-05-01 11:28:50 ----A---- C:\ProgramData\Ament.ini
2015-05-01 11:15:16 ----D---- C:\Program Files (x86)\Hp
2015-04-26 14:38:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-26 14:38:04 ----D---- C:\Windows\system32\appraiser
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-26 08:00:33 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\invagent.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\generaltel.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\devinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\appraiser.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aepic.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aeinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\acmigration.dll
2015-04-26 08:00:21 ----A---- C:\Windows\system32\aepdu.dll
2015-04-26 08:00:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-26 08:00:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-26 08:00:15 ----A---- C:\Windows\system32\msxml3.dll
2015-04-26 08:00:14 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\kernel32.dll
2015-04-26 07:59:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-26 07:59:52 ----A---- C:\Windows\system32\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\wow64win.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\winsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srcore.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\smss.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\rstrui.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\lsass.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\conhost.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\auditpol.exe
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\adtschema.dll
2015-04-26 07:59:06 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\iernonce.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-26 07:59:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\urlmon.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-26 07:58:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\iesetup.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-26 07:58:56 ----A---- C:\Windows\system32\iertutil.dll
2015-04-26 07:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieui.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\ieframe.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\wininet.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\vbscript.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\msrating.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-26 07:58:51 ----A---- C:\Windows\system32\mshtml.dll
2015-04-26 07:58:19 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfs.sys
======List of files/folders modified in the last 1 month======
2015-05-08 22:16:05 ----D---- C:\ProgramData\Kaspersky Lab
2015-05-08 22:15:54 ----SHD---- C:\System Volume Information
2015-05-08 22:15:52 ----D---- C:\Windows\Temp
2015-05-08 22:15:13 ----D---- C:\Windows\system32\config
2015-05-08 22:14:46 ----D---- C:\Windows\Prefetch
2015-05-08 22:14:43 ----D---- C:\Windows\Tasks
2015-05-08 22:03:34 ----D---- C:\Program Files (x86)\KeePass Password Safe
2015-05-08 20:45:21 ----RD---- C:\Program Files
2015-05-05 21:55:43 ----D---- C:\Users\milan\AppData\Roaming\BitComet
2015-05-05 21:44:25 ----D---- C:\Windows\System32
2015-05-05 21:44:25 ----D---- C:\Windows\inf
2015-05-05 21:44:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-05 21:24:34 ----D---- C:\Users\milan\AppData\Roaming\vlc
2015-05-05 21:03:42 ----D---- C:\Downloads
2015-05-03 10:54:58 ----D---- C:\Windows
2015-05-01 15:41:29 ----D---- C:\Users\milan\AppData\Roaming\Skype
2015-05-01 12:08:24 ----D---- C:\Windows\debug
2015-05-01 11:56:31 ----D---- C:\Windows\system32\Tasks
2015-05-01 11:55:39 ----SHD---- C:\Windows\Installer
2015-05-01 11:55:31 ----D---- C:\Windows\system32\DriverStore
2015-05-01 11:55:28 ----D---- C:\Windows\system32\drivers
2015-05-01 11:55:15 ----D---- C:\Windows\twain_32
2015-05-01 11:29:21 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-05-01 11:29:20 ----RD---- C:\Program Files (x86)
2015-05-01 11:29:20 ----HD---- C:\ProgramData
2015-05-01 11:15:37 ----RSD---- C:\Windows\assembly
2015-05-01 11:15:17 ----RSD---- C:\Windows\Fonts
2015-04-28 06:50:22 ----D---- C:\Windows\AppCompat
2015-04-27 19:52:33 ----D---- C:\Windows\system32\catroot2
2015-04-26 16:16:21 ----D---- C:\Windows\rescache
2015-04-26 14:57:38 ----D---- C:\Windows\Microsoft.NET
2015-04-26 14:40:03 ----D---- C:\Windows\winsxs
2015-04-26 14:38:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\SysWOW64
2015-04-26 14:38:04 ----D---- C:\Windows\system32\wbem
2015-04-26 14:38:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-26 14:38:03 ----SD---- C:\ProgramData\Microsoft
2015-04-26 14:38:03 ----D---- C:\Windows\AppPatch
2015-04-26 14:37:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-26 14:37:57 ----D---- C:\Program Files\Internet Explorer
2015-04-26 14:37:56 ----D---- C:\Windows\system32\en-US
2015-04-26 14:37:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-26 12:57:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-26 12:54:51 ----D---- C:\Windows\system32\MRT
2015-04-26 12:49:38 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2013-01-14 238288]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-03-31 468576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-08 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2014-10-22 245960]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-03-26 842440]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-10-10 30920]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2014-10-09 57032]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-11-10 181960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-03-26 56008]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-16 5358464]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-23 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2014-11-28 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-08-08 29280]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2014-12-23 193400]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-02-15 2602576]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-30 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by milan at 2015-05-08 22:16:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 200 GB (78%) free of 258 GB
Total RAM: 4003 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:47, on 8.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files\trend micro\milan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send Image To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/201
O8 - Extra context menu item: Send Link To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/203
O8 - Extra context menu item: Send Page To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/204
O8 - Extra context menu item: Send Text To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/202
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Send to Mindjet - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11106 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
taskeng.exe {363DE12A-18B2-46BA-8F87-3E8D063347CA}
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\milan\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06 82248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-30 172016]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-30 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2013-12-31 17257648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-04-30 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [2013-09-06 42312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-16 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 22:14:43 ----D---- C:\_OTM
2015-05-08 21:13:30 ----D---- C:\AdwCleaner
2015-05-08 20:45:21 ----D---- C:\rsit
2015-05-08 20:45:21 ----D---- C:\Program Files\trend micro
2015-05-01 12:03:02 ----D---- C:\Windows\pss
2015-05-01 11:55:35 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2015-05-01 11:29:20 ----D---- C:\ProgramData\Visan
2015-05-01 11:29:20 ----D---- C:\ProgramData\HP Photo Creations
2015-05-01 11:29:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2015-05-01 11:29:10 ----D---- C:\Users\milan\AppData\Roaming\HpUpdate
2015-05-01 11:29:04 ----N---- C:\Windows\system32\HPDiscoPM9311.dll
2015-05-01 11:28:56 ----D---- C:\ProgramData\HP
2015-05-01 11:28:56 ----D---- C:\Program Files\HP
2015-05-01 11:28:50 ----A---- C:\ProgramData\Ament.ini
2015-05-01 11:15:16 ----D---- C:\Program Files (x86)\Hp
2015-04-26 14:38:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-26 14:38:04 ----D---- C:\Windows\system32\appraiser
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-26 08:00:33 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\invagent.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\generaltel.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\devinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\appraiser.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aepic.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aeinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\acmigration.dll
2015-04-26 08:00:21 ----A---- C:\Windows\system32\aepdu.dll
2015-04-26 08:00:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-26 08:00:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-26 08:00:15 ----A---- C:\Windows\system32\msxml3.dll
2015-04-26 08:00:14 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\kernel32.dll
2015-04-26 07:59:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-26 07:59:52 ----A---- C:\Windows\system32\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\wow64win.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\winsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srcore.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\smss.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\rstrui.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\lsass.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\conhost.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\auditpol.exe
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\adtschema.dll
2015-04-26 07:59:06 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\iernonce.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-26 07:59:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\urlmon.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-26 07:58:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\iesetup.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-26 07:58:56 ----A---- C:\Windows\system32\iertutil.dll
2015-04-26 07:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieui.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\ieframe.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\wininet.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\vbscript.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\msrating.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-26 07:58:51 ----A---- C:\Windows\system32\mshtml.dll
2015-04-26 07:58:19 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfs.sys
======List of files/folders modified in the last 1 month======
2015-05-08 22:16:05 ----D---- C:\ProgramData\Kaspersky Lab
2015-05-08 22:15:54 ----SHD---- C:\System Volume Information
2015-05-08 22:15:52 ----D---- C:\Windows\Temp
2015-05-08 22:15:13 ----D---- C:\Windows\system32\config
2015-05-08 22:14:46 ----D---- C:\Windows\Prefetch
2015-05-08 22:14:43 ----D---- C:\Windows\Tasks
2015-05-08 22:03:34 ----D---- C:\Program Files (x86)\KeePass Password Safe
2015-05-08 20:45:21 ----RD---- C:\Program Files
2015-05-05 21:55:43 ----D---- C:\Users\milan\AppData\Roaming\BitComet
2015-05-05 21:44:25 ----D---- C:\Windows\System32
2015-05-05 21:44:25 ----D---- C:\Windows\inf
2015-05-05 21:44:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-05 21:24:34 ----D---- C:\Users\milan\AppData\Roaming\vlc
2015-05-05 21:03:42 ----D---- C:\Downloads
2015-05-03 10:54:58 ----D---- C:\Windows
2015-05-01 15:41:29 ----D---- C:\Users\milan\AppData\Roaming\Skype
2015-05-01 12:08:24 ----D---- C:\Windows\debug
2015-05-01 11:56:31 ----D---- C:\Windows\system32\Tasks
2015-05-01 11:55:39 ----SHD---- C:\Windows\Installer
2015-05-01 11:55:31 ----D---- C:\Windows\system32\DriverStore
2015-05-01 11:55:28 ----D---- C:\Windows\system32\drivers
2015-05-01 11:55:15 ----D---- C:\Windows\twain_32
2015-05-01 11:29:21 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-05-01 11:29:20 ----RD---- C:\Program Files (x86)
2015-05-01 11:29:20 ----HD---- C:\ProgramData
2015-05-01 11:15:37 ----RSD---- C:\Windows\assembly
2015-05-01 11:15:17 ----RSD---- C:\Windows\Fonts
2015-04-28 06:50:22 ----D---- C:\Windows\AppCompat
2015-04-27 19:52:33 ----D---- C:\Windows\system32\catroot2
2015-04-26 16:16:21 ----D---- C:\Windows\rescache
2015-04-26 14:57:38 ----D---- C:\Windows\Microsoft.NET
2015-04-26 14:40:03 ----D---- C:\Windows\winsxs
2015-04-26 14:38:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\SysWOW64
2015-04-26 14:38:04 ----D---- C:\Windows\system32\wbem
2015-04-26 14:38:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-26 14:38:03 ----SD---- C:\ProgramData\Microsoft
2015-04-26 14:38:03 ----D---- C:\Windows\AppPatch
2015-04-26 14:37:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-26 14:37:57 ----D---- C:\Program Files\Internet Explorer
2015-04-26 14:37:56 ----D---- C:\Windows\system32\en-US
2015-04-26 14:37:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-26 12:57:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-26 12:54:51 ----D---- C:\Windows\system32\MRT
2015-04-26 12:49:38 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2013-01-14 238288]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-03-31 468576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-08 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2014-10-22 245960]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-03-26 842440]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-10-10 30920]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2014-10-09 57032]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-11-10 181960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-03-26 56008]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-16 5358464]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-23 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2014-11-28 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-08-08 29280]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2014-12-23 193400]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-02-15 2602576]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-30 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomale PC - podezreni na malware
Smazáno, ale žádný malware jsem neobjevil. Toto byly pouze zbytečnosti. Zkuste ještě kompletní sken MBAM:http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Time2Groove
- 2. Stupeň Varování
- Příspěvky: 147
- Registrován: 23 říj 2005 18:22
Re: pomale PC - podezreni na malware
tak dalsi log
Logfile of random's system information tool 1.10 (written by random/random)
Run by milan at 2015-05-08 23:03:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 200 GB (78%) free of 258 GB
Total RAM: 4003 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:59, on 8.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\milan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send Image To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/201
O8 - Extra context menu item: Send Link To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/203
O8 - Extra context menu item: Send Page To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/204
O8 - Extra context menu item: Send Text To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/202
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Send to Mindjet - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11901 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
taskeng.exe {363DE12A-18B2-46BA-8F87-3E8D063347CA}
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4660.0.934955083\1126576909" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2963 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.2.1208873481\1049541943" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.3.2066808695\1011089263" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.6.994498409\613148160" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.7.481748374\587014210" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.9.1917329810\1315887600" /prefetch:673131151
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.20.673189413\509930149" /prefetch:673131151
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"taskhost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\milan\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06 82248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-30 172016]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-30 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2013-12-31 17257648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-04-30 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [2013-09-06 42312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-16 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 22:49:34 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 22:49:16 ----D---- C:\ProgramData\Malwarebytes
2015-05-08 22:49:16 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-08 22:49:16 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-05-08 22:49:16 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-05-08 22:14:43 ----D---- C:\_OTM
2015-05-08 21:13:30 ----D---- C:\AdwCleaner
2015-05-08 20:45:21 ----D---- C:\rsit
2015-05-08 20:45:21 ----D---- C:\Program Files\trend micro
2015-05-01 12:03:02 ----D---- C:\Windows\pss
2015-05-01 11:55:35 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2015-05-01 11:29:20 ----D---- C:\ProgramData\Visan
2015-05-01 11:29:20 ----D---- C:\ProgramData\HP Photo Creations
2015-05-01 11:29:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2015-05-01 11:29:10 ----D---- C:\Users\milan\AppData\Roaming\HpUpdate
2015-05-01 11:29:04 ----N---- C:\Windows\system32\HPDiscoPM9311.dll
2015-05-01 11:28:56 ----D---- C:\ProgramData\HP
2015-05-01 11:28:56 ----D---- C:\Program Files\HP
2015-05-01 11:28:50 ----A---- C:\ProgramData\Ament.ini
2015-05-01 11:15:16 ----D---- C:\Program Files (x86)\Hp
2015-04-26 14:38:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-26 14:38:04 ----D---- C:\Windows\system32\appraiser
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-26 08:00:33 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\invagent.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\generaltel.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\devinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\appraiser.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aepic.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aeinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\acmigration.dll
2015-04-26 08:00:21 ----A---- C:\Windows\system32\aepdu.dll
2015-04-26 08:00:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-26 08:00:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-26 08:00:15 ----A---- C:\Windows\system32\msxml3.dll
2015-04-26 08:00:14 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\kernel32.dll
2015-04-26 07:59:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-26 07:59:52 ----A---- C:\Windows\system32\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\wow64win.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\winsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srcore.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\smss.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\rstrui.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\lsass.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\conhost.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\auditpol.exe
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\adtschema.dll
2015-04-26 07:59:06 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\iernonce.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-26 07:59:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\urlmon.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-26 07:58:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\iesetup.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-26 07:58:56 ----A---- C:\Windows\system32\iertutil.dll
2015-04-26 07:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieui.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\ieframe.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\wininet.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\vbscript.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\msrating.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-26 07:58:51 ----A---- C:\Windows\system32\mshtml.dll
2015-04-26 07:58:19 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfs.sys
======List of files/folders modified in the last 1 month======
2015-05-08 23:03:55 ----D---- C:\Windows\Temp
2015-05-08 22:49:40 ----D---- C:\Windows\Prefetch
2015-05-08 22:49:34 ----D---- C:\Windows\system32\drivers
2015-05-08 22:49:16 ----RD---- C:\Program Files (x86)
2015-05-08 22:49:16 ----HD---- C:\ProgramData
2015-05-08 22:16:05 ----D---- C:\ProgramData\Kaspersky Lab
2015-05-08 22:15:54 ----SHD---- C:\System Volume Information
2015-05-08 22:15:13 ----D---- C:\Windows\system32\config
2015-05-08 22:14:43 ----D---- C:\Windows\Tasks
2015-05-08 22:03:34 ----D---- C:\Program Files (x86)\KeePass Password Safe
2015-05-08 20:45:21 ----RD---- C:\Program Files
2015-05-05 21:55:43 ----D---- C:\Users\milan\AppData\Roaming\BitComet
2015-05-05 21:44:25 ----D---- C:\Windows\System32
2015-05-05 21:44:25 ----D---- C:\Windows\inf
2015-05-05 21:44:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-05 21:24:34 ----D---- C:\Users\milan\AppData\Roaming\vlc
2015-05-05 21:03:42 ----D---- C:\Downloads
2015-05-03 10:54:58 ----D---- C:\Windows
2015-05-01 15:41:29 ----D---- C:\Users\milan\AppData\Roaming\Skype
2015-05-01 12:08:24 ----D---- C:\Windows\debug
2015-05-01 11:56:31 ----D---- C:\Windows\system32\Tasks
2015-05-01 11:55:39 ----SHD---- C:\Windows\Installer
2015-05-01 11:55:31 ----D---- C:\Windows\system32\DriverStore
2015-05-01 11:55:15 ----D---- C:\Windows\twain_32
2015-05-01 11:29:21 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-05-01 11:15:37 ----RSD---- C:\Windows\assembly
2015-05-01 11:15:17 ----RSD---- C:\Windows\Fonts
2015-04-28 06:50:22 ----D---- C:\Windows\AppCompat
2015-04-27 19:52:33 ----D---- C:\Windows\system32\catroot2
2015-04-26 16:16:21 ----D---- C:\Windows\rescache
2015-04-26 14:57:38 ----D---- C:\Windows\Microsoft.NET
2015-04-26 14:40:03 ----D---- C:\Windows\winsxs
2015-04-26 14:38:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\SysWOW64
2015-04-26 14:38:04 ----D---- C:\Windows\system32\wbem
2015-04-26 14:38:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-26 14:38:03 ----SD---- C:\ProgramData\Microsoft
2015-04-26 14:38:03 ----D---- C:\Windows\AppPatch
2015-04-26 14:37:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-26 14:37:57 ----D---- C:\Program Files\Internet Explorer
2015-04-26 14:37:56 ----D---- C:\Windows\system32\en-US
2015-04-26 14:37:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-26 12:57:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-26 12:54:51 ----D---- C:\Windows\system32\MRT
2015-04-26 12:49:38 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2013-01-14 238288]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-03-31 468576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-08 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2014-10-22 245960]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-03-26 842440]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-10-10 30920]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2014-10-09 57032]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-11-10 181960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-03-26 56008]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-16 5358464]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-23 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2014-11-28 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-08-08 29280]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-05-08 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2014-12-23 193400]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-02-15 2602576]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-30 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by milan at 2015-05-08 23:03:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 200 GB (78%) free of 258 GB
Total RAM: 4003 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:59, on 8.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\trend micro\milan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ContentBlockerBrowserHelperObject - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: Safe Money Plugin - {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send Image To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/201
O8 - Extra context menu item: Send Link To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/203
O8 - Extra context menu item: Send Page To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/204
O8 - Extra context menu item: Send Text To Mindjet - res://C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll/202
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Send to Mindjet - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll
O9 - Extra button: Virtuální klávesnice - {5547CE1F-74E9-41E5-9CBF-5211ECC37341} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Služba Kaspersky Anti-Virus 15.0.2 (AVP15.0.2) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11901 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
taskeng.exe {363DE12A-18B2-46BA-8F87-3E8D063347CA}
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe" -hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4660.0.934955083\1126576909" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2963 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.2.1208873481\1049541943" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.3.2066808695\1011089263" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.6.994498409\613148160" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.7.481748374\587014210" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.9.1917329810\1315887600" /prefetch:673131151
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_11/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultDisabled/*UwSInterstitialStatus/On/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4660.20.673189413\509930149" /prefetch:673131151
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"taskhost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\milan\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23 1865000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29 767280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE6A929-59D1-4763-91AD-29B61CFFB35B}]
CmjBrowserHelperObject Object - C:\Program Files (x86)\Mindjet\MindManager 14\Mm8InternetExplorer.dll [2013-09-06 82248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93BC2EA7-2F17-4729-948A-D2E03FFB2412}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB379017-4C03-4E00-8EDF-E6D6AF7CCF82}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23 1699112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-02-04 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-07 2816240]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-04-30 172016]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-04-30 442352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet]
C:\Program Files\BitComet\BitComet.exe [2013-12-31 17257648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2013-04-30 399856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
C:\Program Files (x86)\Mindjet\MindManager 14\MMReminderService.exe [2013-09-06 42312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sledovat výstrahy inkoustu - HP Deskjet 3050A J611 series.lnk]
C:\Windows\system32\RunDll32.exe [2009-07-14 45568]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-01-16 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 22:49:34 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-05-08 22:49:16 ----D---- C:\ProgramData\Malwarebytes
2015-05-08 22:49:16 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-08 22:49:16 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-05-08 22:49:16 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-05-08 22:14:43 ----D---- C:\_OTM
2015-05-08 21:13:30 ----D---- C:\AdwCleaner
2015-05-08 20:45:21 ----D---- C:\rsit
2015-05-08 20:45:21 ----D---- C:\Program Files\trend micro
2015-05-01 12:03:02 ----D---- C:\Windows\pss
2015-05-01 11:55:35 ----N---- C:\Windows\system32\HPDiscoPMa011.dll
2015-05-01 11:29:20 ----D---- C:\ProgramData\Visan
2015-05-01 11:29:20 ----D---- C:\ProgramData\HP Photo Creations
2015-05-01 11:29:20 ----D---- C:\Program Files (x86)\HP Photo Creations
2015-05-01 11:29:10 ----D---- C:\Users\milan\AppData\Roaming\HpUpdate
2015-05-01 11:29:04 ----N---- C:\Windows\system32\HPDiscoPM9311.dll
2015-05-01 11:28:56 ----D---- C:\ProgramData\HP
2015-05-01 11:28:56 ----D---- C:\Program Files\HP
2015-05-01 11:28:50 ----A---- C:\ProgramData\Ament.ini
2015-05-01 11:15:16 ----D---- C:\Program Files (x86)\Hp
2015-04-26 14:38:04 ----SD---- C:\Windows\system32\CompatTel
2015-04-26 14:38:04 ----D---- C:\Windows\system32\appraiser
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups2.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wups.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wudriver.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wucltux.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapp.exe
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wuapi.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-26 08:00:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-26 08:00:33 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\invagent.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\generaltel.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\devinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\appraiser.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aepic.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\aeinv.dll
2015-04-26 08:00:22 ----A---- C:\Windows\system32\acmigration.dll
2015-04-26 08:00:21 ----A---- C:\Windows\system32\aepdu.dll
2015-04-26 08:00:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-26 08:00:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-26 08:00:15 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-26 08:00:15 ----A---- C:\Windows\system32\msxml3.dll
2015-04-26 08:00:14 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-26 07:59:56 ----A---- C:\Windows\system32\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-26 07:59:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-26 07:59:55 ----A---- C:\Windows\system32\kernel32.dll
2015-04-26 07:59:54 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-26 07:59:52 ----A---- C:\Windows\system32\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-26 07:59:22 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\wow64win.dll
2015-04-26 07:59:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wow64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\winsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\wdigest.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\sspicli.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srcore.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\srclient.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\smss.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\secur32.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\rstrui.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\lsass.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\kerberos.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-26 07:59:21 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\credssp.dll
2015-04-26 07:59:21 ----A---- C:\Windows\system32\conhost.exe
2015-04-26 07:59:21 ----A---- C:\Windows\system32\auditpol.exe
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-26 07:59:20 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-26 07:59:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-26 07:59:19 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msobjs.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\msaudite.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-26 07:59:18 ----A---- C:\Windows\system32\adtschema.dll
2015-04-26 07:59:06 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-26 07:59:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-26 07:59:02 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-26 07:59:01 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\iernonce.dll
2015-04-26 07:59:01 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-26 07:59:00 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-26 07:59:00 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-26 07:58:59 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\urlmon.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-26 07:58:59 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-26 07:58:58 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-26 07:58:58 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-26 07:58:58 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\iesetup.dll
2015-04-26 07:58:57 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-26 07:58:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-26 07:58:56 ----A---- C:\Windows\system32\iertutil.dll
2015-04-26 07:58:55 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-26 07:58:55 ----A---- C:\Windows\system32\ieui.dll
2015-04-26 07:58:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-26 07:58:54 ----A---- C:\Windows\system32\ieframe.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\wininet.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\vbscript.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-26 07:58:53 ----A---- C:\Windows\system32\jscript9.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\msrating.dll
2015-04-26 07:58:52 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-26 07:58:51 ----A---- C:\Windows\system32\mshtml.dll
2015-04-26 07:58:19 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-26 07:58:19 ----A---- C:\Windows\system32\clfs.sys
======List of files/folders modified in the last 1 month======
2015-05-08 23:03:55 ----D---- C:\Windows\Temp
2015-05-08 22:49:40 ----D---- C:\Windows\Prefetch
2015-05-08 22:49:34 ----D---- C:\Windows\system32\drivers
2015-05-08 22:49:16 ----RD---- C:\Program Files (x86)
2015-05-08 22:49:16 ----HD---- C:\ProgramData
2015-05-08 22:16:05 ----D---- C:\ProgramData\Kaspersky Lab
2015-05-08 22:15:54 ----SHD---- C:\System Volume Information
2015-05-08 22:15:13 ----D---- C:\Windows\system32\config
2015-05-08 22:14:43 ----D---- C:\Windows\Tasks
2015-05-08 22:03:34 ----D---- C:\Program Files (x86)\KeePass Password Safe
2015-05-08 20:45:21 ----RD---- C:\Program Files
2015-05-05 21:55:43 ----D---- C:\Users\milan\AppData\Roaming\BitComet
2015-05-05 21:44:25 ----D---- C:\Windows\System32
2015-05-05 21:44:25 ----D---- C:\Windows\inf
2015-05-05 21:44:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-05 21:24:34 ----D---- C:\Users\milan\AppData\Roaming\vlc
2015-05-05 21:03:42 ----D---- C:\Downloads
2015-05-03 10:54:58 ----D---- C:\Windows
2015-05-01 15:41:29 ----D---- C:\Users\milan\AppData\Roaming\Skype
2015-05-01 12:08:24 ----D---- C:\Windows\debug
2015-05-01 11:56:31 ----D---- C:\Windows\system32\Tasks
2015-05-01 11:55:39 ----SHD---- C:\Windows\Installer
2015-05-01 11:55:31 ----D---- C:\Windows\system32\DriverStore
2015-05-01 11:55:15 ----D---- C:\Windows\twain_32
2015-05-01 11:29:21 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-05-01 11:15:37 ----RSD---- C:\Windows\assembly
2015-05-01 11:15:17 ----RSD---- C:\Windows\Fonts
2015-04-28 06:50:22 ----D---- C:\Windows\AppCompat
2015-04-27 19:52:33 ----D---- C:\Windows\system32\catroot2
2015-04-26 16:16:21 ----D---- C:\Windows\rescache
2015-04-26 14:57:38 ----D---- C:\Windows\Microsoft.NET
2015-04-26 14:40:03 ----D---- C:\Windows\winsxs
2015-04-26 14:38:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\SysWOW64
2015-04-26 14:38:04 ----D---- C:\Windows\system32\wbem
2015-04-26 14:38:04 ----D---- C:\Windows\system32\cs-CZ
2015-04-26 14:38:04 ----D---- C:\Windows\PolicyDefinitions
2015-04-26 14:38:03 ----SD---- C:\ProgramData\Microsoft
2015-04-26 14:38:03 ----D---- C:\Windows\AppPatch
2015-04-26 14:37:57 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-26 14:37:57 ----D---- C:\Program Files\Internet Explorer
2015-04-26 14:37:56 ----D---- C:\Windows\system32\en-US
2015-04-26 14:37:55 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-26 12:57:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-26 12:54:51 ----D---- C:\Windows\system32\MRT
2015-04-26 12:49:38 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK); C:\Windows\system32\DRIVERS\cm_km_w.sys [2013-01-14 238288]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-01-12 439320]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-03-31 468576]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-08 283064]
R1 klhk;klhk; C:\Windows\system32\DRIVERS\klhk.sys [2014-10-22 245960]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2015-03-26 842440]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2014-10-10 30920]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2014-10-09 57032]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2014-11-22 77000]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-11-10 181960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2015-03-26 56008]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-01-16 5358464]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-23 342528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2014-11-28 151240]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-10-30 30920]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-08-08 29280]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-05-08 136408]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-10-03 1864328]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-04-07 555760]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 AVP15.0.2;Služba Kaspersky Anti-Virus 15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [2014-12-23 193400]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-03-14 197504]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-02-15 2602576]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service; C:\Program Files\BitComet\tools\BitCometService.exe [2013-11-29 1296728]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-04-30 277488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Time2Groove
- 2. Stupeň Varování
- Příspěvky: 147
- Registrován: 23 říj 2005 18:22
Re: pomale PC - podezreni na malware
kazdopadne dekuji za pomoc
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomale PC - podezreni na malware
Co nalezl (pokud něco) MBAM? Tohle je log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?