prosim o kontrolu
Napsal: 29 pro 2016 17:12
prosim o kontrolu logu :
rsit
Logfile of random's system information tool 1.14 (written by random/random)
Run by Linda at 2016-12-29 17:10:16
Microsoft Windows 8.1 Enterprise
System drive C: has 50 GB (33%) free of 152 GB
Total RAM: 2047 MB (38% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:35, on 29. 12. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\skydrive.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\SettingSyncHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Users\Linda\AppData\Local\Microsoft\Windows\INetCache\IE\ICO5OEKI\RSIT.exe
C:\Program Files\trend micro\Linda_RSIT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Wondershare Helper Compact.exe] "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @oem1.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\Dr.Fone for Android\DriverInstall.exe
--
End of file - 6430 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-linda.midar@seznam.cz - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1424679704 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\system32\tasks\{24AAF866-26E0-4335-942D-EB0E306C34B8} - C:\WINDOWS\system32\pcalua.exe -a "D:\Vag Driver\V2.0 driver\FTDIUNIN.exe" -d "D:\Vag Driver\V2.0 driver"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-4063997749-2791008905-4018478498-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\WINDOWS\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\WINDOWS\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?gfe_rd=cr&ei=Cm ... gws_rd=ssl, cr&fg=1"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\addons.json
C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\extensions.json
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\extensions\firefox-hotfix@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\features\{791f7bc8-ab76-44a8-89d8-28d50538a1a0}\asyncrendering@mozilla.org.xpi
C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\pluginreg.dat
Plugin - Adobe Acrobat - 10.0.0.396 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - Picasa - 3.0.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
=========Google Chrome=========
C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bbjllphbppobebmjpjcijfbakobcheof 2 Rapport 1.14
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5316.725.0.15
Homepage:
default_search_provider.search_url:
C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04 508104]
"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-09-17 2292912]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27230168]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2016-03-24 680528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-29 16:52:03 ----D---- C:\rsit
2016-12-29 16:52:03 ----D---- C:\Program Files\trend micro
2016-12-29 16:23:58 ----D---- C:\AdwCleaner
2016-12-14 16:14:53 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2016-12-14 16:14:48 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-12-14 16:14:37 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-12-14 15:24:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-12-14 15:24:12 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-12-14 15:24:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-12-14 15:24:10 ----A---- C:\WINDOWS\system32\win32k.sys
2016-12-14 15:24:03 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-12-14 15:24:03 ----A---- C:\WINDOWS\system32\msi.dll
2016-12-14 15:24:02 ----A---- C:\WINDOWS\system32\wininet.dll
2016-12-14 15:24:02 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\authui.dll
2016-12-14 15:24:00 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\user32.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\shsetup.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\bcrypt.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\ActionQueue.dll
2016-12-14 15:23:59 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-12-14 15:23:59 ----A---- C:\WINDOWS\system32\apisetschema.dll
2016-12-14 15:23:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-12-14 15:23:57 ----A---- C:\WINDOWS\system32\jscript.dll
2016-12-14 15:23:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-12-14 15:23:56 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-12-14 15:23:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
======List of files/folders modified in the last 1 month======
2016-12-29 17:10:15 ----D---- C:\WINDOWS\Prefetch
2016-12-29 17:09:20 ----D---- C:\ProgramData\boost_interprocess
2016-12-29 17:08:49 ----D---- C:\Users\Linda\AppData\Roaming\Skype
2016-12-29 17:06:57 ----D---- C:\WINDOWS\Temp
2016-12-29 17:02:14 ----D---- C:\WINDOWS\system32\sru
2016-12-29 17:00:19 ----RD---- C:\WINDOWS\System32
2016-12-29 17:00:18 ----RD---- C:\Program Files
2016-12-29 16:59:53 ----D---- C:\Users\Linda\AppData\Roaming\Lavasoft
2016-12-29 16:24:06 ----D---- C:\Program Files\McAfee Security Scan
2016-12-29 16:17:42 ----D---- C:\WINDOWS\system32\Drivers
2016-12-29 16:17:41 ----D---- C:\WINDOWS\system32\DriverStore
2016-12-29 16:17:41 ----D---- C:\WINDOWS\inf
2016-12-23 11:40:53 ----D---- C:\WINDOWS\Microsoft.NET
2016-12-22 12:25:53 ----D---- C:\WINDOWS\system32\NDF
2016-12-21 18:10:45 ----SHD---- C:\System Volume Information
2016-12-18 12:52:45 ----D---- C:\WINDOWS\system32\config
2016-12-17 10:47:41 ----D---- C:\WINDOWS\WinSxS
2016-12-17 10:30:17 ----D---- C:\WINDOWS\system32\catroot2
2016-12-17 10:13:57 ----SHD---- C:\WINDOWS\Installer
2016-12-17 10:09:46 ----D---- C:\WINDOWS\rescache
2016-12-17 10:08:54 ----D---- C:\WINDOWS\Tasks
2016-12-15 18:44:46 ----D---- C:\WINDOWS\CbsTemp
2016-12-15 18:16:07 ----D---- C:\WINDOWS\Minidump
2016-12-15 18:15:41 ----D---- C:\Windows
2016-12-14 17:26:31 ----D---- C:\WINDOWS\system32\oobe
2016-12-14 17:26:31 ----D---- C:\WINDOWS\system32\en-US
2016-12-14 17:26:31 ----D---- C:\WINDOWS\system32\cs-CZ
2016-12-14 16:14:25 ----D---- C:\ProgramData\Microsoft Help
2016-12-14 16:08:55 ----D---- C:\WINDOWS\system32\MRT
2016-12-14 16:03:45 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-12-13 20:57:58 ----D---- C:\WINDOWS\system32\Macromed
2016-12-12 00:00:46 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-09 08:19:45 ----D---- C:\ProgramData\Skype
2016-12-09 08:19:25 ----RD---- C:\Program Files\Skype
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 RapportHades;RapportHades; C:\WINDOWS\System32\Drivers\RapportHades.sys [2016-11-22 101320]
R0 RapportKELL;RapportKELL; C:\WINDOWS\System32\Drivers\RapportKELL.sys [2016-11-22 256520]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 138584]
R1 RapportCerberus_1609053;RapportCerberus_1609053; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1609053.sys [2016-09-18 775592]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2016-11-22 327728]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2016-11-22 406792]
R3 AgereSoftModem;@mdmagrs.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2013-06-18 1035776]
R3 bcbtums;@oem1.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-10-28 175320]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 39424]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 95232]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 60928]
R3 e1express;@nete1e32.inf,%E1Express.Service.DispName%;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\WINDOWS\system32\DRIVERS\e1e6032.sys [2013-06-18 214016]
R3 HBtnKey;@oem3.inf,%CPQBTTN.SvcDesc%;HP Hotkey Device; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;@oem4.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2009-04-29 15872]
R3 netwlv32;@netwlv32.inf, %NIC_Service_DispName_VISTA%; Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\WINDOWS\system32\DRIVERS\netwlv32.sys [2013-06-18 6637056]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 131584]
R3 SynTP;@oem2.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1014272]
S3 btwampfl;@oem1.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-10-28 144600]
S3 cxbu0wdm;@oem9.inf,%VID1PID3ReaderDescription%;OMNIKEY 6121; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2014-04-05 125048]
S3 dg_ssudbus;@oem13.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 101040]
S3 FTDIBUS;@oem12.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2014-01-31 77808]
S3 FTSER2K;@oem11.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 192944]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 88192]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 177152]
S3 WDC_SAM;@oem21.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\WINDOWS\System32\drivers\wdcsam.sys [2015-11-12 22216]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2015-10-10 62976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-09-15 669872]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-12-13 2218712]
R2 BcmBtRSupport;@oem1.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-10-28 1680088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2016-11-22 2387952]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-18 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13 270936]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-18 154440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [2016-12-14 272136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-22 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
rsit
Logfile of random's system information tool 1.14 (written by random/random)
Run by Linda at 2016-12-29 17:10:16
Microsoft Windows 8.1 Enterprise
System drive C: has 50 GB (33%) free of 152 GB
Total RAM: 2047 MB (38% free)
X86
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:10:35, on 29. 12. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x86__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\skydrive.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\SettingSyncHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Users\Linda\AppData\Local\Microsoft\Windows\INetCache\IE\ICO5OEKI\RSIT.exe
C:\Program Files\trend micro\Linda_RSIT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Wondershare Helper Compact.exe] "C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @oem1.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\Dr.Fone for Android\DriverInstall.exe
--
End of file - 6430 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-linda.midar@seznam.cz - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1424679704 - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\system32\tasks\{24AAF866-26E0-4335-942D-EB0E306C34B8} - C:\WINDOWS\system32\pcalua.exe -a "D:\Vag Driver\V2.0 driver\FTDIUNIN.exe" -d "D:\Vag Driver\V2.0 driver"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-4063997749-2791008905-4018478498-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - %ProgramFiles%\Windows Defender\MpCmdRun.exe Scan -ScheduleJob
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\WINDOWS\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\WINDOWS\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader - %windir%\system32\WSqmCons.exe -u
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe %windir%\system32\invagent.dll,RunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default
prefs.js - "browser.startup.homepage" - "https://www.google.com/?gfe_rd=cr&ei=Cm ... gws_rd=ssl, cr&fg=1"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.186 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\addons.json
C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\extensions.json
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\extensions\firefox-hotfix@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\features\{791f7bc8-ab76-44a8-89d8-28d50538a1a0}\asyncrendering@mozilla.org.xpi
C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\a8rkl77g.default\pluginreg.dat
Plugin - Adobe Acrobat - 10.0.0.396 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
Plugin - AdobeAAMDetect - 3.0.0.0 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - Picasa - 3.0.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll
=========Google Chrome=========
C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bbjllphbppobebmjpjcijfbakobcheof 2 Rapport 1.14
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5316.725.0.15
Homepage:
default_search_provider.search_url:
C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04 508104]
"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-09-17 2292912]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-11-16 6602152]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2016-11-15 27230168]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2016-03-24 680528]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-12-29 16:52:03 ----D---- C:\rsit
2016-12-29 16:52:03 ----D---- C:\Program Files\trend micro
2016-12-29 16:23:58 ----D---- C:\AdwCleaner
2016-12-14 16:14:53 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2016-12-14 16:14:48 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-12-14 16:14:37 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-12-14 15:24:14 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-12-14 15:24:12 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-12-14 15:24:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-12-14 15:24:10 ----A---- C:\WINDOWS\system32\win32k.sys
2016-12-14 15:24:03 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-12-14 15:24:03 ----A---- C:\WINDOWS\system32\msi.dll
2016-12-14 15:24:02 ----A---- C:\WINDOWS\system32\wininet.dll
2016-12-14 15:24:02 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-12-14 15:24:01 ----A---- C:\WINDOWS\system32\authui.dll
2016-12-14 15:24:00 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\wintrust.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\user32.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\shsetup.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\bcrypt.dll
2016-12-14 15:24:00 ----A---- C:\WINDOWS\system32\ActionQueue.dll
2016-12-14 15:23:59 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-12-14 15:23:59 ----A---- C:\WINDOWS\system32\apisetschema.dll
2016-12-14 15:23:57 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-12-14 15:23:57 ----A---- C:\WINDOWS\system32\jscript.dll
2016-12-14 15:23:56 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-12-14 15:23:56 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-12-14 15:23:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
======List of files/folders modified in the last 1 month======
2016-12-29 17:10:15 ----D---- C:\WINDOWS\Prefetch
2016-12-29 17:09:20 ----D---- C:\ProgramData\boost_interprocess
2016-12-29 17:08:49 ----D---- C:\Users\Linda\AppData\Roaming\Skype
2016-12-29 17:06:57 ----D---- C:\WINDOWS\Temp
2016-12-29 17:02:14 ----D---- C:\WINDOWS\system32\sru
2016-12-29 17:00:19 ----RD---- C:\WINDOWS\System32
2016-12-29 17:00:18 ----RD---- C:\Program Files
2016-12-29 16:59:53 ----D---- C:\Users\Linda\AppData\Roaming\Lavasoft
2016-12-29 16:24:06 ----D---- C:\Program Files\McAfee Security Scan
2016-12-29 16:17:42 ----D---- C:\WINDOWS\system32\Drivers
2016-12-29 16:17:41 ----D---- C:\WINDOWS\system32\DriverStore
2016-12-29 16:17:41 ----D---- C:\WINDOWS\inf
2016-12-23 11:40:53 ----D---- C:\WINDOWS\Microsoft.NET
2016-12-22 12:25:53 ----D---- C:\WINDOWS\system32\NDF
2016-12-21 18:10:45 ----SHD---- C:\System Volume Information
2016-12-18 12:52:45 ----D---- C:\WINDOWS\system32\config
2016-12-17 10:47:41 ----D---- C:\WINDOWS\WinSxS
2016-12-17 10:30:17 ----D---- C:\WINDOWS\system32\catroot2
2016-12-17 10:13:57 ----SHD---- C:\WINDOWS\Installer
2016-12-17 10:09:46 ----D---- C:\WINDOWS\rescache
2016-12-17 10:08:54 ----D---- C:\WINDOWS\Tasks
2016-12-15 18:44:46 ----D---- C:\WINDOWS\CbsTemp
2016-12-15 18:16:07 ----D---- C:\WINDOWS\Minidump
2016-12-15 18:15:41 ----D---- C:\Windows
2016-12-14 17:26:31 ----D---- C:\WINDOWS\system32\oobe
2016-12-14 17:26:31 ----D---- C:\WINDOWS\system32\en-US
2016-12-14 17:26:31 ----D---- C:\WINDOWS\system32\cs-CZ
2016-12-14 16:14:25 ----D---- C:\ProgramData\Microsoft Help
2016-12-14 16:08:55 ----D---- C:\WINDOWS\system32\MRT
2016-12-14 16:03:45 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-12-13 20:57:58 ----D---- C:\WINDOWS\system32\Macromed
2016-12-12 00:00:46 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-12-09 08:19:45 ----D---- C:\ProgramData\Skype
2016-12-09 08:19:25 ----RD---- C:\Program Files\Skype
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 RapportHades;RapportHades; C:\WINDOWS\System32\Drivers\RapportHades.sys [2016-11-22 101320]
R0 RapportKELL;RapportKELL; C:\WINDOWS\System32\Drivers\RapportKELL.sys [2016-11-22 256520]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 138584]
R1 RapportCerberus_1609053;RapportCerberus_1609053; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1609053.sys [2016-09-18 775592]
R1 RapportEI;RapportEI; \??\C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [2016-11-22 327728]
R1 RapportPG;RapportPG; \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [2016-11-22 406792]
R3 AgereSoftModem;@mdmagrs.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2013-06-18 1035776]
R3 bcbtums;@oem1.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-10-28 175320]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 39424]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 95232]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 60928]
R3 e1express;@nete1e32.inf,%E1Express.Service.DispName%;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\WINDOWS\system32\DRIVERS\e1e6032.sys [2013-06-18 214016]
R3 HBtnKey;@oem3.inf,%CPQBTTN.SvcDesc%;HP Hotkey Device; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;@oem4.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [2009-04-29 15872]
R3 netwlv32;@netwlv32.inf, %NIC_Service_DispName_VISTA%; Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\WINDOWS\system32\DRIVERS\netwlv32.sys [2013-06-18 6637056]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 131584]
R3 SynTP;@oem2.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1014272]
S3 btwampfl;@oem1.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-10-28 144600]
S3 cxbu0wdm;@oem9.inf,%VID1PID3ReaderDescription%;OMNIKEY 6121; C:\WINDOWS\system32\DRIVERS\cxbu0wdm.sys [2014-04-05 125048]
S3 dg_ssudbus;@oem13.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 101040]
S3 FTDIBUS;@oem12.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2014-01-31 77808]
S3 FTSER2K;@oem11.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2011-03-18 73096]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2013-07-23 22016]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2013-07-23 61936]
S3 ssudmdm;@oem14.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2015-12-08 192944]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 88192]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 177152]
S3 WDC_SAM;@oem21.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\WINDOWS\System32\drivers\wdcsam.sys [2015-11-12 22216]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\WINDOWS\System32\drivers\WinUsb.sys [2015-10-10 62976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-09-15 669872]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-12-13 2218712]
R2 BcmBtRSupport;@oem1.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-10-28 1680088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 RapportMgmtService;Rapport Management Service; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [2016-11-22 2387952]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-18 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13 270936]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation;"ServiceDll"=%SystemRoot%\System32\BthHFSrv.dll
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-18 154440]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [2016-12-14 272136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-22 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------