Trojan horse caught from a link to a video on Facebook

pejvyn
Visitor
Posts: 41
Registered: 23 Mar 2013 12:12

Re: Trojan horse caught from a link to a video on Facebook

#16 Post by pejvyn »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bedna at 2013-03-23 17:27:57
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 163 GB (36%) free of 454 GB
Total RAM: 4046 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:01, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Users\Bedna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Bedna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bedna\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Bedna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Roxio Burn Launcher (RoxioBurnLauncher) - Unknown owner - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17760 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Users\Bedna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\BlueStacks\HD-Network.exe"
\??\C:\windows\system32\conhost.exe "-1693871906-14808154001902111195-2790938141547698826-351324640-379686106144006143
"C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
\??\C:\windows\system32\conhost.exe "1025400674-1946034489-66910677-20780590621583622237977368102724507003-206902027
"C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe"
\??\C:\windows\system32\conhost.exe "972800694138002325327718045-12997376551324419075101713346-122247231-646000349
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
{5DA47C59-6051-4D32-8C9B-6C58FF75770F}
{05D3730C-B8BA-4BDA-A35B-87CF81CE3316}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b03e30bf-ab99-4dfa-8fed-860bfc03aa11 -SystemEventPortName:HostProcess-0371e8a0-3a68-45db-a7dd-ef93cab6a505 -IoCancelEventPortName:HostProcess-3f8ac1b9-2969-4a2d-acaf-a174d8620e84 -NonStateChangingEventPortName:HostProcess-fcb22bf4-b09b-4eba-a66b-05e0030bfca4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:da60d658-c2e2-4bb5-8682-7297fa5080e5 -DeviceGroupId:
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe" -h
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8200.0.998364218\440769429" --supports-dual-gpus=false --gpu-vendor-id=0x1002 --gpu-device-id=0x6841 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.951.6.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="8200.2.858709395\418000526" /prefetch:3
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="8200.3.80238710\468138471" /prefetch:3
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="8200.4.619059306\1231067154" /prefetch:3
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="8200.5.1242346204\1371464181" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="8200.7.914834011\1692433625" /prefetch:3
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Bedna\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1409152103-1156182315-2250419522-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1409152103-1156182315-2250419522-1001UA.job
C:\windows\tasks\HPCeeScheduleForBedna.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-14 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-09 2887440]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-14 15232]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Google Update"=C:\Users\Bedna\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 116648]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"SkyDrive"=C:\Users\Bedna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2012-11-15 255992]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-02-13 1509232]
"KiesAirMessage"=C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
""= []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-30 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-15 184704]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-01-21 1564368]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-02-15 601976]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-02-13 310128]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-23 15:18:52 ----D---- C:\Users\Bedna\AppData\Roaming\Malwarebytes
2013-03-23 15:18:40 ----D---- C:\ProgramData\Malwarebytes
2013-03-23 15:18:38 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-23 15:01:00 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 14:46:13 ----A---- C:\AdwCleaner[R2].txt
2013-03-23 14:01:46 ----D---- C:\rsit
2013-03-23 14:01:46 ----D---- C:\Program Files\trend micro
2013-03-23 13:58:00 ----D---- C:\ProgramData\TEMP
2013-03-23 13:57:44 ----D---- C:\Program Files (x86)\Nsasoft
2013-03-20 21:45:59 ----D---- C:\Users\Bedna\AppData\Roaming\Dropbox
2013-03-18 01:27:59 ----D---- C:\windows\system32\Macromed
2013-03-17 23:43:23 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-03-17 23:43:22 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-03-17 23:43:19 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-03-17 23:43:19 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2013-03-17 23:43:18 ----A---- C:\windows\system32\drivers\aswVmm.sys
2013-03-17 23:43:18 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-03-17 23:43:17 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2013-03-17 23:43:15 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-03-17 23:43:15 ----A---- C:\windows\system32\aswBoot.exe
2013-03-17 23:42:44 ----A---- C:\windows\avastSS.scr
2013-03-17 23:42:25 ----D---- C:\Program Files\AVAST Software
2013-03-17 23:39:30 ----D---- C:\ProgramData\AVAST Software
2013-03-16 19:24:40 ----D---- C:\Users\Bedna\AppData\Roaming\Samsung
2013-03-16 19:22:43 ----A---- C:\windows\SYSWOW64\Redemption.dll
2013-03-16 19:22:19 ----A---- C:\windows\SYSWOW64\dgderapi.dll
2013-03-16 19:21:32 ----D---- C:\ProgramData\Samsung
2013-03-16 19:21:32 ----D---- C:\Program Files (x86)\Samsung
2013-03-16 19:15:18 ----SHD---- C:\Config.Msi
2013-03-16 13:41:32 ----D---- C:\Program Files (x86)\BlueStacks
2013-03-16 13:41:02 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-16 13:41:01 ----D---- C:\ProgramData\BlueStacks
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 07:34:46 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 07:34:45 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 07:34:45 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 07:34:45 ----A---- C:\windows\system32\url.dll
2013-03-14 07:34:45 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 07:34:45 ----A---- C:\windows\system32\ieui.dll
2013-03-14 07:34:44 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 07:34:44 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 07:34:43 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 07:34:43 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 07:34:43 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 07:34:43 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 07:34:42 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 07:34:42 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\wininet.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 07:34:41 ----A---- C:\windows\system32\jscript.dll
2013-03-14 07:34:40 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 07:34:40 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 07:34:40 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 07:34:37 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 07:34:35 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 07:34:35 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 07:34:35 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 07:33:35 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 07:33:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-02-28 07:38:40 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:38:40 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:38:40 ----A---- C:\windows\system32\UIAnimation.dll
2013-02-28 07:38:40 ----A---- C:\windows\system32\msmpeg2vdec.dll
2013-02-28 07:38:35 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:38:35 ----A---- C:\windows\system32\WMPhoto.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:38:32 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:38:32 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\XpsGdiConverter.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\d3d10warp.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\d3d10_1.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\dxgi.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:38:31 ----A---- C:\windows\system32\dxgi.dll
2013-02-28 07:38:31 ----A---- C:\windows\system32\d3d10level9.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d11.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d11.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d10core.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d10_1core.dll
2013-02-28 07:38:29 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:38:29 ----A---- C:\windows\SYSWOW64\DWrite.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\XpsPrint.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\FntCache.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\d3d10.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\d2d1.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\DWrite.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\d2d1.dll

======List of files/folders modified in the last 1 month======

2013-03-23 19:18:49 ----D---- C:\windows\winsxs
2013-03-23 19:18:49 ----D---- C:\windows\Tasks
2013-03-23 19:18:49 ----D---- C:\windows\system32\wfp
2013-03-23 19:18:49 ----D---- C:\windows\system32\DriverStore
2013-03-23 19:18:49 ----D---- C:\windows\system32\catroot2
2013-03-23 19:18:48 ----D---- C:\windows\SysWOW64
2013-03-23 19:18:47 ----D---- C:\windows\AppCompat
2013-03-23 19:18:38 ----D---- C:\windows\system32\wbem
2013-03-23 19:18:38 ----D---- C:\windows\registration
2013-03-23 19:17:47 ----RHD---- C:\MSOCache
2013-03-23 19:15:09 ----D---- C:\windows\system32\LogFiles
2013-03-23 17:15:10 ----D---- C:\windows\Temp
2013-03-23 17:00:47 ----D---- C:\windows\system32\drivers
2013-03-23 15:42:37 ----SHD---- C:\windows\Installer
2013-03-23 15:42:24 ----D---- C:\Program Files (x86)\Google
2013-03-23 15:18:40 ----HD---- C:\ProgramData
2013-03-23 15:18:38 ----RD---- C:\Program Files (x86)
2013-03-23 15:17:40 ----D---- C:\windows\system32\config
2013-03-23 15:06:19 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-23 14:01:46 ----RD---- C:\Program Files
2013-03-23 13:29:50 ----D---- C:\Users\Bedna\AppData\Roaming\Mozilla
2013-03-23 13:03:22 ----D---- C:\windows\System32
2013-03-23 13:03:22 ----D---- C:\windows\inf
2013-03-23 13:03:22 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-23 12:54:43 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-03-23 12:54:05 ----SHD---- C:\System Volume Information
2013-03-23 10:27:15 ----D---- C:\windows\Prefetch
2013-03-23 10:24:06 ----D---- C:\windows\system32\Tasks
2013-03-23 10:23:51 ----D---- C:\ProgramData\PC Suite
2013-03-23 10:23:37 ----D---- C:\Windows
2013-03-18 21:20:30 ----D---- C:\windows\system32\catroot
2013-03-18 01:28:04 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-16 20:30:11 ----RSD---- C:\windows\assembly
2013-03-16 20:30:11 ----D---- C:\windows\Microsoft.NET
2013-03-16 20:11:21 ----D---- C:\Users\Bedna\AppData\Roaming\Nokia
2013-03-16 19:22:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-16 19:19:17 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2013-03-14 16:55:45 ----D---- C:\windows\rescache
2013-03-14 07:55:54 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 07:55:54 ----D---- C:\windows\system32\migration
2013-03-14 07:55:54 ----D---- C:\windows\AppPatch
2013-03-14 07:55:54 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:55:54 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 07:38:59 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 07:36:27 ----A---- C:\windows\system32\MRT.exe
2013-03-10 17:52:20 ----D---- C:\Users\Bedna\AppData\Roaming\Skype
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\zh-HK
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pt-PT
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pt-BR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pl-PL
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\nl-NL
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\ko-KR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\it-IT
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\hu-HU
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\fr-FR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\el-GR
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\zh-TW
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\zh-CN
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\tr-TR
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\sv-SE
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\ru-RU
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\nb-NO
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\ja-JP
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\fi-FI
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\es-ES
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\en-US
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\de-DE
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\da-DK
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-02-28 07:56:55 ----D---- C:\windows\system32\zh-TW
2013-02-28 07:56:55 ----D---- C:\windows\system32\zh-HK
2013-02-28 07:56:55 ----D---- C:\windows\system32\tr-TR
2013-02-28 07:56:55 ----D---- C:\windows\system32\sv-SE
2013-02-28 07:56:55 ----D---- C:\windows\system32\pt-PT
2013-02-28 07:56:55 ----D---- C:\windows\system32\pt-BR
2013-02-28 07:56:55 ----D---- C:\windows\system32\pl-PL
2013-02-28 07:56:55 ----D---- C:\windows\system32\nl-NL
2013-02-28 07:56:55 ----D---- C:\windows\system32\ko-KR
2013-02-28 07:56:55 ----D---- C:\windows\system32\it-IT
2013-02-28 07:56:55 ----D---- C:\windows\system32\hu-HU
2013-02-28 07:56:55 ----D---- C:\windows\system32\fr-FR
2013-02-28 07:56:55 ----D---- C:\windows\system32\fi-FI
2013-02-28 07:56:55 ----D---- C:\windows\system32\es-ES
2013-02-28 07:56:55 ----D---- C:\windows\system32\el-GR
2013-02-28 07:56:55 ----D---- C:\windows\system32\de-DE
2013-02-28 07:56:54 ----D---- C:\windows\system32\zh-CN
2013-02-28 07:56:54 ----D---- C:\windows\system32\ru-RU
2013-02-28 07:56:54 ----D---- C:\windows\system32\nb-NO
2013-02-28 07:56:54 ----D---- C:\windows\system32\ja-JP
2013-02-28 07:56:54 ----D---- C:\windows\system32\en-US
2013-02-28 07:56:54 ----D---- C:\windows\system32\da-DK
2013-02-28 07:56:54 ----D---- C:\windows\system32\cs-CZ
2013-02-28 07:44:50 ----D---- C:\ProgramData\Skype
2013-02-28 07:44:46 ----RD---- C:\Program Files (x86)\Skype
2013-02-28 07:44:46 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-03-16 30488]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2012-03-22 93640]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2012-03-22 158792]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2012-03-08 58000]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-02-15 71032]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-03-16 43800]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-03-29 10859008]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-03-29 328704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2012-05-17 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
R3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2012-02-02 89640]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2012-02-22 360624]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-02-21 11471872]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-03-30 1863680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-03-09 425232]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2012-02-28 173656]
S3 johci;JMicron 1394 Filter Driver; C:\windows\system32\DRIVERS\johci.sys [2012-02-28 26200]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-03-29 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-02-15 393080]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-02-15 384888]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-01-21 1564368]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-03-16 33560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2012-01-27 984440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-03-21 1327104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2012-01-27 212344]
R2 RoxioBurnLauncher;Roxio Burn Launcher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2012-03-21 536848]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-14 240408]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-15 1420160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-14 193816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-18 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-15 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2012-03-07 1118480]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2011-12-08 76416]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Trojan horse caught from a link to a video on Facebook

#17 Post by Márty84 »

:!: Sort out your antivirus programs!!! You have Avast and MSE running, and there is also something from McAfee. A PC must have only one antivirus, otherwise the shields collide.

:arrow: 1) Open Notepad (if you don't have it on the desktop, click Start, then Programs and Accessories)
2) Copy the green text into it

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

3) Click File at the top left
4) Click Save as...
5) Type the red name oprava.reg correctly and then, under Save as type, choose All files
6) Save it, preferably to the desktop
7) Double-click what you have just saved; it will run and you just confirm it
8) You can then delete the file

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Find this file C:\Program Files\trend micro\Bedna.exe, right-click it and left-click Run as administrator
Click Main menu and then Do a system scan only
Tick the checkbox on the left of these lines

Code:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O3 - Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bedna\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Bedna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Click Fix checked and confirm

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe and save it, preferably to the desktop.
Right-click it and left-click Run as administrator.
Copy this script into the left window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
Guard.Mail.ru
McAfee Endpoint Encryption Agent
Skype C2C Service
BBUpdate
BBSvc
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1409152103-1156182315-2250419522-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1409152103-1156182315-2250419522-1001UA.job
C:\windows\tasks\HPCeeScheduleForBedna.job

Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post here the log that pops up, or it will be here: C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run)

If you have a question that is not meant for the public, you can write to me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: Trojan horse caught from a link to a video on Facebook

#18 Post by pejvyn »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bedna
->Temp folder emptied: 1552145975 bytes
->Temporary Internet Files folder emptied: 570319146 bytes
->Google Chrome cache emptied: 92877176 bytes
->Flash cache emptied: 60998 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Kajman

User: Marcela

User: Pavey

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 227417372 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 119026 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2 330,00 mb


[EMPTYFLASH]

User: All Users

User: Bedna
->Flash cache emptied: 0 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Kajman

User: Marcela

User: Pavey

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service Guard.Mail.ru stopped successfully!
Service Guard.Mail.ru deleted successfully!
Error: No service named McAfee Endpoint Encryption Agent was found to stop!
Service\Driver key McAfee Endpoint Encryption Agent not found.
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Error: No service named BBUpdate was found to stop!
Service\Driver key BBUpdate not found.
Error: No service named BBSvc was found to stop!
Service\Driver key BBSvc not found.
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1409152103-1156182315-2250419522-1001Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1409152103-1156182315-2250419522-1001UA.job moved successfully.
C:\windows\tasks\HPCeeScheduleForBedna.job moved successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03232013_182025

Files moved on Reboot...
C:\Users\Bedna\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
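
One way to check an OTM log like the one in post #18 against the script from post #17, as an added example that is not part of the original thread: it parses the SERVICES/DRIVERS and FILES sections and lists the requested items that were not removed. The function names and the shortened sample log are constructed for illustration; the line formats are the ones visible in the log above.

```python
import re

# Constructed sample: a shortened OTM log using the line formats from post #18.
SAMPLE_LOG = r"""
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Error: No service named McAfee Endpoint Encryption Agent was found to stop!
Service\Driver key McAfee Endpoint Encryption Agent not found.
Service gupdate stopped successfully!
Service gupdate deleted successfully!
========== FILES ==========
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
"""

# "========== NAME ==========" section headers.
SECTION_RE = re.compile(r"^=+\s*(?P<name>[A-Z/ ]+?)\s*=+$")

# (pattern, status) pairs; the first matching pattern decides the status of a line.
SERVICE_RULES = [
    (re.compile(r"^Service (?P<item>.+) deleted successfully!$"), "deleted"),
    (re.compile(r"^Service (?P<item>.+) stopped successfully!$"), "stopped"),
    (re.compile(r"^Service\\Driver key (?P<item>.+) not found\.$"), "not found"),
    (re.compile(r"^Error: No service named (?P<item>.+) was found to stop!$"), "not found"),
]
FILE_RULES = [
    (re.compile(r"^File/Folder (?P<item>.+) not found\.$"), "not found"),
    (re.compile(r"^File move failed\. (?P<item>.+) scheduled to be moved on reboot\.$"),
     "pending reboot"),
    (re.compile(r"^(?P<item>.+) moved successfully\.$"), "moved"),
]


def parse_otm_log(text):
    """Return {"services": {name: status}, "files": {path: status}}.

    A later line about the same item overrides an earlier one, so a service
    that is first "stopped" and then "deleted" ends up as "deleted".
    Lines outside the two sections (for example COMMANDS) are ignored.
    """
    result = {"services": {}, "files": {}}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        if section == "SERVICES/DRIVERS":
            rules, bucket = SERVICE_RULES, result["services"]
        elif section == "FILES":
            rules, bucket = FILE_RULES, result["files"]
        else:
            continue
        for pattern, status in rules:
            hit = pattern.match(line)
            if hit:
                bucket[hit.group("item")] = status
                break
    return result


def unresolved(requested, statuses, done):
    """List (item, status) for requested items whose final status is not `done`."""
    return [(name, statuses.get(name, "no log entry"))
            for name in requested
            if statuses.get(name) != done]


if __name__ == "__main__":
    parsed = parse_otm_log(SAMPLE_LOG)
    # Subset of the :services list from the script, plus one name absent from the sample.
    wanted = ["AdobeARMservice", "McAfee Endpoint Encryption Agent", "gupdate", "BBSvc"]
    for name, status in unresolved(wanted, parsed["services"], "deleted"):
        print(f"service needs a look: {name} ({status})")
    for path, status in parsed["files"].items():
        if status != "moved":
            print(f"file not moved: {path} ({status})")
```

A "not found" result is not necessarily a failure: it also appears when the item was already removed before the script ran.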

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: Trojan horse caught from a link to a video on Facebook

#19 Post by pejvyn »

It probably didn't find some things, but that's because I removed them right after reading the first line about the antiviruses...

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Trojan horse caught from a link to a video on Facebook

#20 Post by Márty84 »

Sure, that's fine :)

Post a new RSIT log here.

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: Trojan horse caught from a link to a video on Facebook

#21 Post by pejvyn »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bedna at 2013-03-23 18:52:37
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 166 GB (36%) free of 454 GB
Total RAM: 4046 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:55, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\trend micro\Bedna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Roxio Burn Launcher (RoxioBurnLauncher) - Unknown owner - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13860 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
taskeng.exe {412AF88C-0EC5-42F4-83C5-CDDC0FF3E566}
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\BlueStacks\HD-Network.exe"
\??\C:\windows\system32\conhost.exe "-48357080621085301031862080190-1647947846341858690-7829533241191892439-901756111
"C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe"
\??\C:\windows\system32\conhost.exe "192995769015847906601141858575-2778701641976902175-909304423-314806889126239428
"C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe"
\??\C:\windows\system32\conhost.exe "-1309907318-10313795713398919851192783973-1188703492151644433016420170661219512636
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-501ed0e6-47d3-4781-82b6-618760b8298a -SystemEventPortName:HostProcess-760cb431-64d0-42ba-baa0-cedb86f8127b -IoCancelEventPortName:HostProcess-b4675e8c-8eab-44ef-8224-2afc120850e2 -NonStateChangingEventPortName:HostProcess-d16be956-45b0-4ee8-ae8b-34149bb844e7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:65b89999-50d5-4e85-b0fe-0077688958a6 -DeviceGroupId:
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5788.0.521803378\315437302" --supports-dual-gpus=false --gpu-vendor-id=0x1002 --gpu-device-id=0x6841 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.951.6.0 --ignored=" --type=renderer " /prefetch:12
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5788.2.1782567399\1809226478" /prefetch:3
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="5788.3.1336064439\1952171578" /prefetch:3
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxSearchSuggestTrialStarted2013Q1/11/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Enabled/SideloadWipeout/Enabled/SpdyCwnd/cwnd16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_31/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="5788.4.746166217\1288242844" /prefetch:3
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Users\Bedna\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5788.5.1809421118\1373541489" --lang=cs --ignored=" --type=renderer " /prefetch:13
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Users\Bedna\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-09 2887440]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-14 15232]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-30 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-15 184704]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-02-15 601976]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-23 18:20:25 ----D---- C:\_OTM
2013-03-23 15:18:52 ----D---- C:\Users\Bedna\AppData\Roaming\Malwarebytes
2013-03-23 15:18:40 ----D---- C:\ProgramData\Malwarebytes
2013-03-23 15:18:38 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-23 15:01:00 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 14:46:13 ----A---- C:\AdwCleaner[R2].txt
2013-03-23 14:01:46 ----D---- C:\rsit
2013-03-23 14:01:46 ----D---- C:\Program Files\trend micro
2013-03-23 13:58:00 ----D---- C:\ProgramData\TEMP
2013-03-23 13:57:44 ----D---- C:\Program Files (x86)\Nsasoft
2013-03-20 21:45:59 ----D---- C:\Users\Bedna\AppData\Roaming\Dropbox
2013-03-18 01:27:59 ----D---- C:\windows\system32\Macromed
2013-03-17 23:43:23 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-03-17 23:43:22 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-03-17 23:43:19 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-03-17 23:43:19 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2013-03-17 23:43:18 ----A---- C:\windows\system32\drivers\aswVmm.sys
2013-03-17 23:43:18 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-03-17 23:43:17 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2013-03-17 23:43:15 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-03-17 23:43:15 ----A---- C:\windows\system32\aswBoot.exe
2013-03-17 23:42:44 ----A---- C:\windows\avastSS.scr
2013-03-17 23:42:25 ----D---- C:\Program Files\AVAST Software
2013-03-17 23:39:30 ----D---- C:\ProgramData\AVAST Software
2013-03-16 19:24:40 ----D---- C:\Users\Bedna\AppData\Roaming\Samsung
2013-03-16 19:22:43 ----A---- C:\windows\SYSWOW64\Redemption.dll
2013-03-16 19:22:19 ----A---- C:\windows\SYSWOW64\dgderapi.dll
2013-03-16 19:21:32 ----D---- C:\ProgramData\Samsung
2013-03-16 19:21:32 ----D---- C:\Program Files (x86)\Samsung
2013-03-16 19:15:18 ----SHD---- C:\Config.Msi
2013-03-16 13:41:32 ----D---- C:\Program Files (x86)\BlueStacks
2013-03-16 13:41:02 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-16 13:41:01 ----D---- C:\ProgramData\BlueStacks
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 07:34:46 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 07:34:45 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 07:34:45 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 07:34:45 ----A---- C:\windows\system32\url.dll
2013-03-14 07:34:45 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 07:34:45 ----A---- C:\windows\system32\ieui.dll
2013-03-14 07:34:44 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 07:34:44 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 07:34:43 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 07:34:43 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 07:34:43 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 07:34:43 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 07:34:42 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 07:34:42 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\wininet.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 07:34:41 ----A---- C:\windows\system32\jscript.dll
2013-03-14 07:34:40 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 07:34:40 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 07:34:40 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 07:34:37 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 07:34:35 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 07:34:35 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 07:34:35 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 07:33:35 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 07:33:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-02-28 07:38:40 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:38:40 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:38:40 ----A---- C:\windows\system32\UIAnimation.dll
2013-02-28 07:38:40 ----A---- C:\windows\system32\msmpeg2vdec.dll
2013-02-28 07:38:35 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:38:35 ----A---- C:\windows\system32\WMPhoto.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:38:32 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:38:32 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\XpsGdiConverter.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\d3d10warp.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\d3d10_1.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\dxgi.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:38:31 ----A---- C:\windows\system32\dxgi.dll
2013-02-28 07:38:31 ----A---- C:\windows\system32\d3d10level9.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d11.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d11.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d10core.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d10_1core.dll
2013-02-28 07:38:29 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:38:29 ----A---- C:\windows\SYSWOW64\DWrite.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\XpsPrint.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\FntCache.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\d3d10.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\d2d1.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\DWrite.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\d2d1.dll

======List of files/folders modified in the last 1 month======

2013-03-23 19:18:49 ----D---- C:\windows\winsxs
2013-03-23 19:18:49 ----D---- C:\windows\system32\wfp
2013-03-23 19:18:49 ----D---- C:\windows\system32\DriverStore
2013-03-23 19:18:49 ----D---- C:\windows\system32\catroot2
2013-03-23 19:18:48 ----D---- C:\windows\SysWOW64
2013-03-23 19:18:47 ----D---- C:\windows\AppCompat
2013-03-23 19:18:38 ----D---- C:\windows\system32\wbem
2013-03-23 19:18:38 ----D---- C:\windows\registration
2013-03-23 19:17:47 ----RHD---- C:\MSOCache
2013-03-23 19:15:09 ----D---- C:\windows\system32\LogFiles
2013-03-23 18:52:38 ----D---- C:\windows\Temp
2013-03-23 18:37:38 ----D---- C:\windows\system32\config
2013-03-23 18:26:15 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-23 18:24:14 ----D---- C:\windows\system32\drivers
2013-03-23 18:21:28 ----D---- C:\windows\Tasks
2013-03-23 18:21:06 ----SHD---- C:\System Volume Information
2013-03-23 18:21:01 ----D---- C:\windows\system32\drivers\etc
2013-03-23 18:05:18 ----SHD---- C:\windows\Installer
2013-03-23 18:05:18 ----D---- C:\windows\system32\appmgmt
2013-03-23 18:05:00 ----D---- C:\Program Files\Hewlett-Packard
2013-03-23 18:04:53 ----D---- C:\windows\system32\Tasks
2013-03-23 18:00:33 ----RD---- C:\Program Files
2013-03-23 18:00:26 ----RD---- C:\Program Files (x86)
2013-03-23 17:59:24 ----SD---- C:\ProgramData\Microsoft
2013-03-23 15:42:24 ----D---- C:\Program Files (x86)\Google
2013-03-23 15:18:40 ----HD---- C:\ProgramData
2013-03-23 13:29:50 ----D---- C:\Users\Bedna\AppData\Roaming\Mozilla
2013-03-23 13:03:22 ----D---- C:\windows\System32
2013-03-23 13:03:22 ----D---- C:\windows\inf
2013-03-23 13:03:22 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-23 12:54:43 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-03-23 10:27:15 ----D---- C:\windows\Prefetch
2013-03-23 10:23:51 ----D---- C:\ProgramData\PC Suite
2013-03-23 10:23:37 ----D---- C:\Windows
2013-03-18 21:20:30 ----D---- C:\windows\system32\catroot
2013-03-18 01:28:04 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-16 20:30:11 ----RSD---- C:\windows\assembly
2013-03-16 20:30:11 ----D---- C:\windows\Microsoft.NET
2013-03-16 20:11:21 ----D---- C:\Users\Bedna\AppData\Roaming\Nokia
2013-03-16 19:22:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-16 19:19:17 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2013-03-14 16:55:45 ----D---- C:\windows\rescache
2013-03-14 07:55:54 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 07:55:54 ----D---- C:\windows\system32\migration
2013-03-14 07:55:54 ----D---- C:\windows\AppPatch
2013-03-14 07:55:54 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:55:54 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 07:38:59 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 07:36:27 ----A---- C:\windows\system32\MRT.exe
2013-03-10 17:52:20 ----D---- C:\Users\Bedna\AppData\Roaming\Skype
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\zh-HK
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pt-PT
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pt-BR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pl-PL
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\nl-NL
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\ko-KR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\it-IT
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\hu-HU
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\fr-FR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\el-GR
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\zh-TW
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\zh-CN
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\tr-TR
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\sv-SE
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\ru-RU
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\nb-NO
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\ja-JP
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\fi-FI
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\es-ES
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\en-US
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\de-DE
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\da-DK
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-02-28 07:56:55 ----D---- C:\windows\system32\zh-TW
2013-02-28 07:56:55 ----D---- C:\windows\system32\zh-HK
2013-02-28 07:56:55 ----D---- C:\windows\system32\tr-TR
2013-02-28 07:56:55 ----D---- C:\windows\system32\sv-SE
2013-02-28 07:56:55 ----D---- C:\windows\system32\pt-PT
2013-02-28 07:56:55 ----D---- C:\windows\system32\pt-BR
2013-02-28 07:56:55 ----D---- C:\windows\system32\pl-PL
2013-02-28 07:56:55 ----D---- C:\windows\system32\nl-NL
2013-02-28 07:56:55 ----D---- C:\windows\system32\ko-KR
2013-02-28 07:56:55 ----D---- C:\windows\system32\it-IT
2013-02-28 07:56:55 ----D---- C:\windows\system32\hu-HU
2013-02-28 07:56:55 ----D---- C:\windows\system32\fr-FR
2013-02-28 07:56:55 ----D---- C:\windows\system32\fi-FI
2013-02-28 07:56:55 ----D---- C:\windows\system32\es-ES
2013-02-28 07:56:55 ----D---- C:\windows\system32\el-GR
2013-02-28 07:56:55 ----D---- C:\windows\system32\de-DE
2013-02-28 07:56:54 ----D---- C:\windows\system32\zh-CN
2013-02-28 07:56:54 ----D---- C:\windows\system32\ru-RU
2013-02-28 07:56:54 ----D---- C:\windows\system32\nb-NO
2013-02-28 07:56:54 ----D---- C:\windows\system32\ja-JP
2013-02-28 07:56:54 ----D---- C:\windows\system32\en-US
2013-02-28 07:56:54 ----D---- C:\windows\system32\da-DK
2013-02-28 07:56:54 ----D---- C:\windows\system32\cs-CZ
2013-02-28 07:44:50 ----D---- C:\ProgramData\Skype
2013-02-28 07:44:46 ----RD---- C:\Program Files (x86)\Skype
2013-02-28 07:44:46 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-03-16 30488]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2012-03-08 58000]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-02-15 71032]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-03-16 43800]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-03-29 10859008]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-03-29 328704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2012-05-17 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
R3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2012-02-02 89640]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2012-02-22 360624]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2012-02-28 173656]
R3 johci;JMicron 1394 Filter Driver; C:\windows\system32\DRIVERS\johci.sys [2012-02-28 26200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-02-21 11471872]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-03-30 1863680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-03-09 425232]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-03-29 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-02-15 393080]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-02-15 384888]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-03-16 33560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2012-01-27 984440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2012-01-27 212344]
R2 RoxioBurnLauncher;Roxio Burn Launcher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2012-03-21 536848]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-15 1420160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2012-03-07 1118480]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2011-12-08 76416]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: caught a Trojan horse from a link to a video on Facebook

#22 Post by Márty84 »

Something was left behind there.

:arrow: Run OTM again as administrator.
Copy this script into the left pane (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] /64

Click MoveIt and let the program work. When asked to restart, agree.
After the restart, post here the log that pops up, or it will be found at C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run).



:arrow: Reinstall your web browser and check whether it still misbehaves.

If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have been waiting a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: caught a Trojan horse from a link to a video on Facebook

#23 Post by pejvyn »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Bedna
->Temp folder emptied: 95000 bytes
->Temporary Internet Files folder emptied: 37294 bytes
->Google Chrome cache emptied: 7904126 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Kajman

User: Marcela

User: Pavey

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4964 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33725 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8,00 mb

========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.

OTM by OldTimer - Version 3.1.21.0 log created on 03232013_191140

Files moved on Reboot...
C:\Users\Bedna\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File C:\windows\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...


I'm going to reinstall Chrome and try taking a look at Facebook.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: caught a Trojan horse from a link to a video on Facebook

#24 Post by Márty84 »

OK

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: caught a Trojan horse from a link to a video on Facebook

#25 Post by pejvyn »

So, I reinstalled Chrome, went to FB and so far nothing is happening. I removed a billion follows and likes from her profile, so we'll see. It didn't show up every time, but always after a longer while. Tomorrow morning will probably decide it. If it shows up again, there will apparently be nothing left but format C: :o

Just to be safe, I'm also sending a log taken after visiting FB.

For now, thank you very, very, very much for your willingness and help!!!!!!!!!!!!!!!!!!!!!! :worship: :thumbsup:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Bedna at 2013-03-23 20:26:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 166 GB (36%) free of 454 GB
Total RAM: 4046 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:00, on 23.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files\trend micro\Bedna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Roxio Burn Launcher (RoxioBurnLauncher) - Unknown owner - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13384 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
taskeng.exe {64802B28-23F2-417A-9D9B-CB5614EE4FEF}
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\BlueStacks\HD-Network.exe"
\??\C:\windows\system32\conhost.exe "-1558119783-1814637916-1714352189-196349724757553334-8576129072063975517-2043391366
"C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe"
\??\C:\windows\system32\conhost.exe "-1380459755-21077952051455989371-6117459571623550823-617687079-764406005408416621
"C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe"
\??\C:\windows\system32\conhost.exe "-162809481-7500518381514298511789521621977216188190071016-203366839-1475702460
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-488952ff-2e78-4d8d-b047-9330bbde0606 -SystemEventPortName:HostProcess-9e07ea49-766f-4342-8d06-da8f4329a669 -IoCancelEventPortName:HostProcess-dece3a84-92e2-4d63-85f5-5b088452da31 -NonStateChangingEventPortName:HostProcess-bd0ad25c-ec72-461c-88f7-841140ef6d67 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:426af9ce-c6f4-49d5-8b88-41d0e670411e -DeviceGroupId:
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
-Minimized
"c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Users\Bedna\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22 122456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-09 2887440]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2012-03-14 15232]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-03-05 1425408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-30 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HPConnectionManager"=c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-03-15 184704]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2012-03-22 12310616]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2013-02-15 601976]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-23 18:20:25 ----D---- C:\_OTM
2013-03-23 15:18:52 ----D---- C:\Users\Bedna\AppData\Roaming\Malwarebytes
2013-03-23 15:18:40 ----D---- C:\ProgramData\Malwarebytes
2013-03-23 15:18:38 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-23 15:01:00 ----A---- C:\AdwCleaner[S2].txt
2013-03-23 14:46:13 ----A---- C:\AdwCleaner[R2].txt
2013-03-23 14:01:46 ----D---- C:\rsit
2013-03-23 14:01:46 ----D---- C:\Program Files\trend micro
2013-03-23 13:58:00 ----D---- C:\ProgramData\TEMP
2013-03-23 13:57:44 ----D---- C:\Program Files (x86)\Nsasoft
2013-03-20 21:45:59 ----D---- C:\Users\Bedna\AppData\Roaming\Dropbox
2013-03-18 01:27:59 ----D---- C:\windows\system32\Macromed
2013-03-17 23:43:23 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-03-17 23:43:22 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-03-17 23:43:19 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-03-17 23:43:19 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2013-03-17 23:43:18 ----A---- C:\windows\system32\drivers\aswVmm.sys
2013-03-17 23:43:18 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-03-17 23:43:17 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2013-03-17 23:43:15 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-03-17 23:43:15 ----A---- C:\windows\system32\aswBoot.exe
2013-03-17 23:42:44 ----A---- C:\windows\avastSS.scr
2013-03-17 23:42:25 ----D---- C:\Program Files\AVAST Software
2013-03-17 23:39:30 ----D---- C:\ProgramData\AVAST Software
2013-03-16 19:24:40 ----D---- C:\Users\Bedna\AppData\Roaming\Samsung
2013-03-16 19:22:43 ----A---- C:\windows\SYSWOW64\Redemption.dll
2013-03-16 19:22:19 ----A---- C:\windows\SYSWOW64\dgderapi.dll
2013-03-16 19:21:32 ----D---- C:\ProgramData\Samsung
2013-03-16 19:21:32 ----D---- C:\Program Files (x86)\Samsung
2013-03-16 19:15:18 ----SHD---- C:\Config.Msi
2013-03-16 13:41:32 ----D---- C:\Program Files (x86)\BlueStacks
2013-03-16 13:41:02 ----D---- C:\ProgramData\BlueStacksSetup
2013-03-16 13:41:01 ----D---- C:\ProgramData\BlueStacks
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\vbscript.dll
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2013-03-14 07:34:46 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-03-14 07:34:46 ----A---- C:\windows\system32\mshtmled.dll
2013-03-14 07:34:45 ----A---- C:\windows\SYSWOW64\url.dll
2013-03-14 07:34:45 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2013-03-14 07:34:45 ----A---- C:\windows\system32\url.dll
2013-03-14 07:34:45 ----A---- C:\windows\system32\ieUnatt.exe
2013-03-14 07:34:45 ----A---- C:\windows\system32\ieui.dll
2013-03-14 07:34:44 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-03-14 07:34:44 ----A---- C:\windows\system32\urlmon.dll
2013-03-14 07:34:43 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-03-14 07:34:43 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-03-14 07:34:43 ----A---- C:\windows\system32\msfeeds.dll
2013-03-14 07:34:43 ----A---- C:\windows\system32\jscript9.dll
2013-03-14 07:34:42 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-03-14 07:34:42 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\wininet.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\vbscript.dll
2013-03-14 07:34:42 ----A---- C:\windows\system32\jsproxy.dll
2013-03-14 07:34:41 ----A---- C:\windows\system32\jscript.dll
2013-03-14 07:34:40 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-03-14 07:34:40 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-03-14 07:34:40 ----A---- C:\windows\system32\iertutil.dll
2013-03-14 07:34:37 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-03-14 07:34:35 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-03-14 07:34:35 ----A---- C:\windows\system32\mshtml.dll
2013-03-14 07:34:35 ----A---- C:\windows\system32\ieframe.dll
2013-03-14 07:33:35 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 07:33:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-02-28 07:38:40 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2013-02-28 07:38:40 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2013-02-28 07:38:40 ----A---- C:\windows\system32\UIAnimation.dll
2013-02-28 07:38:40 ----A---- C:\windows\system32\msmpeg2vdec.dll
2013-02-28 07:38:35 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2013-02-28 07:38:35 ----A---- C:\windows\system32\WMPhoto.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 07:38:33 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 07:38:32 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2013-02-28 07:38:32 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\XpsGdiConverter.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\d3d10warp.dll
2013-02-28 07:38:32 ----A---- C:\windows\system32\d3d10_1.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 07:38:31 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\dxgi.dll
2013-02-28 07:38:31 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2013-02-28 07:38:31 ----A---- C:\windows\system32\dxgi.dll
2013-02-28 07:38:31 ----A---- C:\windows\system32\d3d10level9.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d11.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2013-02-28 07:38:30 ----A---- C:\windows\SYSWOW64\d3d10.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d11.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d10core.dll
2013-02-28 07:38:30 ----A---- C:\windows\system32\d3d10_1core.dll
2013-02-28 07:38:29 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2013-02-28 07:38:29 ----A---- C:\windows\SYSWOW64\DWrite.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\XpsPrint.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\FntCache.dll
2013-02-28 07:38:29 ----A---- C:\windows\system32\d3d10.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2013-02-28 07:38:28 ----A---- C:\windows\SYSWOW64\d2d1.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\WindowsCodecs.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\DWrite.dll
2013-02-28 07:38:28 ----A---- C:\windows\system32\d2d1.dll

======List of files/folders modified in the last 1 month======

2013-03-23 20:26:58 ----D---- C:\windows\Temp
2013-03-23 19:28:05 ----D---- C:\windows\system32\config
2013-03-23 19:26:56 ----RD---- C:\Program Files (x86)
2013-03-23 19:26:45 ----D---- C:\Program Files (x86)\Google
2013-03-23 19:25:34 ----SHD---- C:\windows\Installer
2013-03-23 19:25:34 ----D---- C:\Program Files (x86)\Common Files
2013-03-23 19:25:16 ----SHD---- C:\System Volume Information
2013-03-23 19:18:49 ----D---- C:\windows\winsxs
2013-03-23 19:18:49 ----D---- C:\windows\system32\wfp
2013-03-23 19:18:49 ----D---- C:\windows\system32\DriverStore
2013-03-23 19:18:49 ----D---- C:\windows\system32\catroot2
2013-03-23 19:18:48 ----D---- C:\windows\SysWOW64
2013-03-23 19:18:47 ----D---- C:\windows\AppCompat
2013-03-23 19:18:38 ----D---- C:\windows\system32\wbem
2013-03-23 19:18:38 ----D---- C:\windows\registration
2013-03-23 19:17:47 ----RHD---- C:\MSOCache
2013-03-23 19:16:40 ----A---- C:\windows\SYSWOW64\log.txt
2013-03-23 19:15:09 ----D---- C:\windows\system32\LogFiles
2013-03-23 18:24:14 ----D---- C:\windows\system32\drivers
2013-03-23 18:21:28 ----D---- C:\windows\Tasks
2013-03-23 18:21:01 ----D---- C:\windows\system32\drivers\etc
2013-03-23 18:05:18 ----D---- C:\windows\system32\appmgmt
2013-03-23 18:05:00 ----D---- C:\Program Files\Hewlett-Packard
2013-03-23 18:04:53 ----D---- C:\windows\system32\Tasks
2013-03-23 18:00:33 ----RD---- C:\Program Files
2013-03-23 17:59:24 ----SD---- C:\ProgramData\Microsoft
2013-03-23 15:18:40 ----HD---- C:\ProgramData
2013-03-23 13:29:50 ----D---- C:\Users\Bedna\AppData\Roaming\Mozilla
2013-03-23 13:03:22 ----D---- C:\windows\System32
2013-03-23 13:03:22 ----D---- C:\windows\inf
2013-03-23 13:03:22 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-03-23 12:54:43 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-03-23 10:27:15 ----D---- C:\windows\Prefetch
2013-03-23 10:23:51 ----D---- C:\ProgramData\PC Suite
2013-03-23 10:23:37 ----D---- C:\Windows
2013-03-18 21:20:30 ----D---- C:\windows\system32\catroot
2013-03-18 01:28:04 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2013-03-16 20:30:11 ----RSD---- C:\windows\assembly
2013-03-16 20:30:11 ----D---- C:\windows\Microsoft.NET
2013-03-16 20:11:21 ----D---- C:\Users\Bedna\AppData\Roaming\Nokia
2013-03-16 19:22:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-16 19:19:17 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2013-03-14 16:55:45 ----D---- C:\windows\rescache
2013-03-14 07:55:54 ----D---- C:\windows\SYSWOW64\migration
2013-03-14 07:55:54 ----D---- C:\windows\system32\migration
2013-03-14 07:55:54 ----D---- C:\windows\AppPatch
2013-03-14 07:55:54 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:55:54 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 07:38:59 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 07:36:27 ----A---- C:\windows\system32\MRT.exe
2013-03-10 17:52:20 ----D---- C:\Users\Bedna\AppData\Roaming\Skype
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\zh-HK
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pt-PT
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pt-BR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\pl-PL
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\nl-NL
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\ko-KR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\it-IT
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\hu-HU
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\fr-FR
2013-02-28 07:56:56 ----D---- C:\windows\SYSWOW64\el-GR
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\zh-TW
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\zh-CN
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\tr-TR
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\sv-SE
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\ru-RU
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\nb-NO
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\ja-JP
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\fi-FI
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\es-ES
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\en-US
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\de-DE
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\da-DK
2013-02-28 07:56:55 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-02-28 07:56:55 ----D---- C:\windows\system32\zh-TW
2013-02-28 07:56:55 ----D---- C:\windows\system32\zh-HK
2013-02-28 07:56:55 ----D---- C:\windows\system32\tr-TR
2013-02-28 07:56:55 ----D---- C:\windows\system32\sv-SE
2013-02-28 07:56:55 ----D---- C:\windows\system32\pt-PT
2013-02-28 07:56:55 ----D---- C:\windows\system32\pt-BR
2013-02-28 07:56:55 ----D---- C:\windows\system32\pl-PL
2013-02-28 07:56:55 ----D---- C:\windows\system32\nl-NL
2013-02-28 07:56:55 ----D---- C:\windows\system32\ko-KR
2013-02-28 07:56:55 ----D---- C:\windows\system32\it-IT
2013-02-28 07:56:55 ----D---- C:\windows\system32\hu-HU
2013-02-28 07:56:55 ----D---- C:\windows\system32\fr-FR
2013-02-28 07:56:55 ----D---- C:\windows\system32\fi-FI
2013-02-28 07:56:55 ----D---- C:\windows\system32\es-ES
2013-02-28 07:56:55 ----D---- C:\windows\system32\el-GR
2013-02-28 07:56:55 ----D---- C:\windows\system32\de-DE
2013-02-28 07:56:54 ----D---- C:\windows\system32\zh-CN
2013-02-28 07:56:54 ----D---- C:\windows\system32\ru-RU
2013-02-28 07:56:54 ----D---- C:\windows\system32\nb-NO
2013-02-28 07:56:54 ----D---- C:\windows\system32\ja-JP
2013-02-28 07:56:54 ----D---- C:\windows\system32\en-US
2013-02-28 07:56:54 ----D---- C:\windows\system32\da-DK
2013-02-28 07:56:54 ----D---- C:\windows\system32\cs-CZ
2013-02-28 07:44:50 ----D---- C:\ProgramData\Skype
2013-02-28 07:44:46 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-03-16 30488]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\windows\system32\DRIVERS\iusb3hcs.sys [2012-03-27 19224]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2012-03-08 58000]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-02-15 71032]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-03-16 43800]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2012-03-29 10859008]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2012-03-29 328704]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2012-05-17 80384]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2012-02-02 211496]
R3 BTWDPAN;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\btwdpan.sys [2012-02-02 89640]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2012-02-22 360624]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\windows\system32\DRIVERS\iusb3hub.sys [2012-03-27 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\windows\system32\DRIVERS\iusb3xhc.sys [2012-03-27 789272]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2012-02-28 173656]
R3 johci;JMicron 1394 Filter Driver; C:\windows\system32\DRIVERS\johci.sys [2012-02-28 26200]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\Netwsw00.sys [2012-02-21 11471872]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-03-30 1863680]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2012-03-05 536064]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2012-03-09 425232]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2012-01-31 64312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 dmvsc;dmvsc; C:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-21 32768]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 vmbus;vmbus; C:\windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2012-03-29 235520]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-02-15 393080]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-02-15 384888]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-18 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2012-03-15 493904]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-03-14 152992]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-03-22 372824]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-03-16 33560]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2012-01-27 1127800]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2012-01-27 984440]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2012-01-27 212344]
R2 RoxioBurnLauncher;Roxio Burn Launcher; C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2012-03-21 536848]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2012-03-05 314880]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-02-03 498352]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2012-03-20 2694224]
R3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 hpCMSrv;HP Connection Manager 4 Service; c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-03-15 1420160]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\windows\SysWOW64\flcdlock.exe [2012-01-31 477056]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2012-03-07 1118480]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2011-12-08 76416]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-07-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-03-09 117552]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Trojan horse caught from a link to a video on Facebook

#26 Post by Márty84 »

The log looks fine.

Reinstalling is the very last resort, so even if it showed up again, I still have a few aces up my sleeve :D

But honestly, sometimes a reinstall is quicker, especially when there is nothing important on the PC :wink:

For now I'll clean up after myself.

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • Press A, Enter to confirm the choice
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (if necessary, turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - the PC will restart after the cleanup.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK - the PC will restart after the cleanup.
After use you can delete the program.

:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Watch out especially for the Recycle Bin: if you leave it ticked, it will always empty it.
Also, depending on how it is set, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for issues; if it finds any, click Fix issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk(s)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Again, watch out for the toolbar during installation.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then let me know how the PC is doing.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Trojan horse caught from a link to a video on Facebook

#27 Post by Márty84 »

I hope you changed the password on that FB account :)

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: Trojan horse caught from a link to a video on Facebook

#28 Post by pejvyn »

Sure, I changed the password using forgot password through the e-mail on my phone, so hopefully that should be sorted. That is, if that muck in the PC has already met its end :)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Trojan horse caught from a link to a video on Facebook

#29 Post by Márty84 »

We'll see :James008:

pejvyn
Visitor
Posts: 41
Joined: 23 Mar 2013 12:12

Re: Trojan horse caught from a link to a video on Facebook

#30 Post by pejvyn »

Hello,

since the moment we dealt with this laptop, nothing has shown up and Facebook is fine. I think the threat has been averted :lock: . Once again, thank you very much for your time and willingness to help! :fez: :thumbsup:

Locked