Dobrý den,
Při vypínání systému (nestačím uložit screen) mi vyskakuje chybové okno cmd.exe. Mohl bych poprosit o kontrolu logu? Děkuji.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-12 14:50:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 631 GB (67%) free of 941 GB
Total RAM: 12268 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:30, on 12.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13981 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f71e4a3e-f8fb-4542-95c2-a5e99af02fce 1
\??\C:\Windows\system32\conhost.exe "-204003503712340305691438473456462383953-19180755625576996315314316331039912878
WLIDSvcM.exe 2776
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskeng.exe {8778BA46-15BC-4ADE-9646-1734C121DDEE}
\??\C:\Windows\system32\conhost.exe "961148944-209209546616314727757708978645417888-1293016212-20433872891080724299
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-33133128-58ea-49cb-abd6-c82a30d2e169 -SystemEventPortName:HostProcess-970852ad-8a85-4a90-8773-e3e35b9db889 -IoCancelEventPortName:HostProcess-0332f892-b877-4088-b528-166b804b7339 -NonStateChangingEventPortName:HostProcess-a33084a9-f5b6-4144-ab5a-8efdf033fb76 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9236e08e-cc20-459f-a100-b6172812eb7b -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4224.0.1010024892\1611082213" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38,46 --gpu-vendor-id=0x10de --gpu-device-id=0x11c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4475 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.2.716398728\1512351810" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.4.2079890962\1565007483" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.7.1579058171\969924362" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4224.9.1584995268\448311535" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.12.466722910\169991248" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/DomRel-Enable/enable/EmbeddedSearch/Group11 pct:1b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Control/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4224.15.2120157173\2062580961" /prefetch:673131151
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 53E08551-1177-9A1D-CA3D-F56960135B8C -Reinvoke
"C:\Users\Daniel\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForDaniel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDaniel (null)
C:\Windows\tasks\RegCure Pro.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe -scan
C:\Windows\tasks\WinThruster_DEFAULT.job - C:\Program Files (x86)\WinThruster\WinThruster.exe -default
C:\Windows\tasks\WinThruster_UPDATES.job - C:\Program Files (x86)\WinThruster\WinThruster.exe -updatecheck
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\extensions\
ascsurfingprotection@iobit.com
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\searchplugins\
yahoo.xml
yahoo_ff.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-28 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-21 37888]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
"PlayNC Launcher"= []
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-08-22 2281248]
"Spotify Web Helper"=C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-13 1514040]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
c:\program files (x86)\easybits for kids\ezrecover.exe [2011-02-10 61112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
c:\windows\system32\spool\drivers\x64\3\e_iatiede.exe /fu c:\windows\temp\e_se093.tmp /ef hkcu []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvolveClient]
c:\program files\echobit\evolve\evolveclient.exe [2014-01-24 3216800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP]
c:\program files (x86)\hewlett-packard\hp keyboard\launchapp.exe [2009-04-04 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe -resume []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
c:\program files (x86)\pdf complete\pdfsty.exe [2011-02-01 656920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
c:\program files\smarttechnology\software\profileru.exe [2012-01-23 432640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
c:\program files\smarttechnology\software\saimfd.exe [2012-01-23 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-12-10 1941696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files (x86)\sweetim\messenger\sweetim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
c:\program files\idt\wdm\sttray64.exe [2012-04-24 1425408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-17 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2014-12-12 14:50:02 ----D---- C:\rsit
2014-12-12 14:50:02 ----D---- C:\Program Files\trend micro
2014-12-12 14:15:31 ----D---- C:\Users\Daniel\AppData\Roaming\Solvusoft
2014-12-12 14:15:30 ----A---- C:\Windows\system32\roboot64.exe
2014-12-12 13:03:32 ----AD---- C:\Program Files (x86)\Application Files
2014-12-11 12:48:44 ----SHD---- C:\Config.Msi
2014-12-10 20:24:27 ----D---- C:\Program Files (x86)\Origin Games
2014-12-10 11:23:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 11:23:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 11:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 11:23:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 11:22:59 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:22:54 ----A---- C:\Windows\system32\mshtml.dll
2014-12-07 15:04:19 ----D---- C:\Program Files (x86)\Blade & Soul
2014-12-07 15:00:41 ----D---- C:\Users\Daniel\AppData\Roaming\REngLauncher
2014-11-25 22:06:21 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-25 22:06:06 ----D---- C:\Program Files (x86)\Java
2014-11-25 22:00:26 ----D---- C:\ProgramData\Oracle
2014-11-24 18:28:52 ----D---- C:\Program Files (x86)\TERA
2014-11-24 18:02:18 ----D---- C:\ProgramData\TERA
2014-11-23 15:49:16 ----D---- C:\sh4ldr
2014-11-23 13:10:27 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-11-23 13:08:43 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-23 12:03:13 ----D---- C:\ProgramData\Emsisoft
2014-11-23 09:06:55 ----A---- C:\autoexec.bat
2014-11-23 09:06:40 ----D---- C:\Users\Daniel\AppData\Roaming\Enigma Software Group
2014-11-23 09:06:00 ----D---- C:\Program Files\Enigma Software Group
2014-11-19 22:29:20 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 22:29:19 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 22:29:19 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 22:29:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-18 18:02:34 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-11-18 17:03:50 ----D---- C:\Program Files\CPUID
2014-11-18 16:16:58 ----D---- C:\Program Files (x86)\Everest Home Edition
2014-11-17 23:05:22 ----A---- C:\Windows\SYSWOW64\shoD115.tmp
2014-11-16 21:32:57 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-16 21:32:57 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-16 21:32:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-16 21:32:53 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-16 21:03:27 ----A---- C:\Windows\system32\generaltel.dll
2014-11-16 21:03:26 ----A---- C:\Windows\system32\aepdu.dll
2014-11-16 21:03:24 ----A---- C:\Windows\system32\aeinv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\termsrv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-16 21:03:20 ----A---- C:\Windows\system32\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-16 21:03:16 ----A---- C:\Windows\system32\msaudite.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-16 20:58:35 ----A---- C:\Windows\system32\msxml3.dll
2014-11-16 20:58:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-16 20:58:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-16 20:58:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-16 20:58:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-16 20:58:31 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-16 20:58:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\EncDump.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-16 20:58:29 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-16 20:57:59 ----A---- C:\Windows\system32\schannel.dll
2014-11-16 20:57:58 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-16 20:57:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\wdigest.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-16 20:57:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-16 20:57:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-16 20:57:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-16 20:57:52 ----A---- C:\Windows\system32\credssp.dll
2014-11-16 20:57:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-16 20:57:04 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-16 20:57:04 ----A---- C:\Windows\system32\packager.dll
2014-11-16 20:57:02 ----A---- C:\Windows\system32\win32k.sys
2014-11-16 20:56:57 ----A---- C:\Windows\system32\msi.dll
2014-11-16 20:56:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-16 20:55:34 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-16 20:55:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispco6434465.dll
2014-11-16 12:50:22 ----D---- C:\Program Files (x86)\Far Cry 4
======List of files/folders modified in the last 1 month======
2014-12-12 14:50:28 ----D---- C:\Windows\Prefetch
2014-12-12 14:50:18 ----D---- C:\Windows\Temp
2014-12-12 14:50:02 ----RD---- C:\Program Files
2014-12-12 14:41:52 ----D---- C:\Users\Daniel\AppData\Roaming\Skype
2014-12-12 14:38:31 ----D---- C:\Windows\system32\config
2014-12-12 14:33:28 ----D---- C:\Program Files (x86)\Bonjour
2014-12-12 14:26:55 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-12 14:24:56 ----D---- C:\ProgramData\PDFC
2014-12-12 14:24:23 ----D---- C:\ProgramData\NVIDIA
2014-12-12 14:20:39 ----RD---- C:\Program Files (x86)
2014-12-12 14:20:25 ----D---- C:\Windows\system32\Tasks
2014-12-12 14:20:19 ----D---- C:\Windows\System32
2014-12-12 14:17:38 ----SHD---- C:\System Volume Information
2014-12-12 14:15:36 ----D---- C:\Windows\Tasks
2014-12-12 13:58:16 ----D---- C:\Program Files (x86)\Steam
2014-12-12 10:44:56 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HpUpdate
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HP Support Assistant
2014-12-12 07:21:16 ----HD---- C:\ProgramData
2014-12-12 07:18:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-11 13:12:18 ----D---- C:\Program Files (x86)\GMT-MAX.ORG
2014-12-11 13:04:24 ----D---- C:\Program Files (x86)\Image-Line
2014-12-11 13:03:31 ----AD---- C:\Windows\SysWOW64
2014-12-11 13:02:51 ----D---- C:\Program Files (x86)\VstPlugins
2014-12-11 12:55:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 12:55:23 ----D---- C:\ProgramData\Media Center Programs
2014-12-11 12:52:39 ----D---- C:\ProgramData\Freemake
2014-12-11 12:52:18 ----SHD---- C:\Windows\Installer
2014-12-11 12:49:48 ----RSD---- C:\Windows\assembly
2014-12-11 12:49:47 ----D---- C:\ProgramData\Autodesk
2014-12-11 12:49:40 ----D---- C:\Windows\Help
2014-12-11 12:49:33 ----RSD---- C:\Windows\Fonts
2014-12-11 12:48:54 ----D---- C:\Windows\Microsoft.NET
2014-12-10 21:10:41 ----D---- C:\Windows\rescache
2014-12-10 20:25:46 ----D---- C:\ProgramData\Origin
2014-12-10 20:23:55 ----D---- C:\Program Files (x86)\Origin
2014-12-10 18:05:27 ----D---- C:\ProgramData\ProductData
2014-12-10 18:04:35 ----D---- C:\Windows\winsxs
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\system32\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 18:02:50 ----D---- C:\Program Files\Internet Explorer
2014-12-10 18:02:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 15:59:36 ----D---- C:\Windows\system32\MRT
2014-12-10 15:59:34 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 11:18:05 ----D---- C:\Windows\system32\catroot2
2014-12-09 16:45:49 ----RD---- C:\Program Files (x86)\Skype
2014-12-09 16:45:47 ----D---- C:\ProgramData\Skype
2014-12-09 16:19:39 ----D---- C:\Users\Daniel\AppData\Roaming\gtk-2.0
2014-12-08 17:34:13 ----D---- C:\Users\Daniel\AppData\Roaming\Spotify
2014-12-05 15:44:24 ----D---- C:\Program Files (x86)\IObit
2014-12-01 14:19:47 ----D---- C:\Windows\system32\drivers
2014-11-30 07:05:23 ----D---- C:\Windows\system32\NDF
2014-11-29 09:50:10 ----D---- C:\Windows\inf
2014-11-29 09:50:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-28 13:27:58 ----D---- C:\Windows\tracing
2014-11-28 13:24:37 ----D---- C:\Users\Daniel\AppData\Roaming\IObit
2014-11-28 13:24:37 ----D---- C:\ProgramData\IObit
2014-11-25 22:06:28 ----D---- C:\Program Files (x86)\Common Files
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-24 18:28:56 ----D---- C:\Users\Daniel\AppData\Roaming\TERA
2014-11-24 17:27:12 ----D---- C:\Program Files (x86)\Strife
2014-11-23 16:37:10 ----D---- C:\Program Files (x86)\Google
2014-11-23 15:54:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-23 15:25:57 ----AD---- C:\Windows
2014-11-23 09:05:32 ----D---- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-11-18 18:02:43 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-18 18:02:32 ----D---- C:\Windows\system32\DriverStore
2014-11-16 21:37:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-16 21:21:41 ----SD---- C:\Windows\system32\CompatTel
2014-11-16 12:49:59 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2014-11-15 09:51:41 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-11-15 09:43:10 ----D---- C:\ProgramData\Orbit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-01 1031392]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-19 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-02-03 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-02-03 46400]
R3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-11-23 15920]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2012-09-20 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2012-01-24 24640]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2012-01-24 52160]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2012-09-20 47168]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-01-18 125552]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-02-22 382024]
S3 cleanhlp;cleanhlp; C:\Windows\system32\drivers\cleanhlp.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys [2012-05-29 27456]
S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys [2010-03-01 24376]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2012-02-15 203320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-01 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-11-23 1025920]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-28 2631456]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-21 25832]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2014-01-24 1579424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-29 654848]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-10 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-06 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119557
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
# AdwCleaner v4.105 - Report created 12/12/2014 at 19:15:43
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Daniel - DANIEL-HP
# Running from : C:\Users\Daniel\Desktop\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\Daniel\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
[!] Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\Extensions\ascsurfingprotection@iobit.com
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\profile\Extensions\ascsurfingprotection@iobit.com
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphibigbodkkohoglgfkddblldpfohjl
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : paretologic registration3
Task Deleted : paretologic update version3
Task Deleted : WinThruster
Task Deleted : WinThruster_DEFAULT
Task Deleted : WinThruster_UPDATES
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hphibigbodkkohoglgfkddblldpfohjl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Solvusoft
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\Cinemax
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v11.0 (cs)
-\\ Google Chrome v39.0.2171.95
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
-\\ Chromium v
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
*************************
AdwCleaner[R0].txt - [10982 octets] - [12/12/2014 19:13:14]
AdwCleaner[R1].txt - [11043 octets] - [12/12/2014 19:14:45]
AdwCleaner[S0].txt - [10846 octets] - [12/12/2014 19:15:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10907 octets] ##########
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Daniel - DANIEL-HP
# Running from : C:\Users\Daniel\Desktop\adwcleaner_4.105.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\Daniel\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
[!] Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\Extensions\ascsurfingprotection@iobit.com
Folder Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\profile\Extensions\ascsurfingprotection@iobit.com
Folder Deleted : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphibigbodkkohoglgfkddblldpfohjl
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\user.js
***** [ Scheduled Tasks ] *****
Task Deleted : paretologic registration3
Task Deleted : paretologic update version3
Task Deleted : WinThruster
Task Deleted : WinThruster_DEFAULT
Task Deleted : WinThruster_UPDATES
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hphibigbodkkohoglgfkddblldpfohjl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Solvusoft
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\Cinemax
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Solvusoft
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpyHunter
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v11.0 (cs)
-\\ Google Chrome v39.0.2171.95
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
-\\ Chromium v
[C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
*************************
AdwCleaner[R0].txt - [10982 octets] - [12/12/2014 19:13:14]
AdwCleaner[R1].txt - [11043 octets] - [12/12/2014 19:14:45]
AdwCleaner[S0].txt - [10846 octets] - [12/12/2014 19:15:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10907 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119557
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-13 07:42:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 654 GB (70%) free of 941 GB
Total RAM: 12268 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:42:52, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
R3 - URLSearchHook: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BS Player ControlBar B - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13903 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f71e4a3e-f8fb-4542-95c2-a5e99af02fce 1
\??\C:\Windows\system32\conhost.exe "-1387662725890324480-1244144202-1222295146-1918070494-552943239434217079-1863360593
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2932
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b3f30ba-089e-4966-bca7-7cab086fb358 -SystemEventPortName:HostProcess-ffd61b70-f652-42d5-a4e5-ea6a8eaa3343 -IoCancelEventPortName:HostProcess-82c84e36-ad0d-41cc-9cf3-f2f9226c8180 -NonStateChangingEventPortName:HostProcess-5cb038b3-48f5-4ea9-bfda-9e54bdf64ddc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4bd89611-1070-405b-b652-59659d4c8875 -DeviceGroupId:WpdFsGroup
C:\Windows\servicing\TrustedInstaller.exe
taskhost.exe USER
taskeng.exe {25A1A068-1A52-4B82-9A1E-A1CD9866CD32}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-161023836980519290-2112604938-19484915748366496901351183822795182445228255072
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Daniel\Desktop\ \Instalačky Programu\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForDaniel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDaniel (null)
C:\Windows\tasks\RegCure Pro.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe -scan
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\extensions\
{31264a33-a653-46c4-af49-1232c59a7da5}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\searchplugins\
yahoo.xml
yahoo_ff.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-28 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
BS Player ControlBar B Toolbar - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll [2014-09-30 423744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{31264a33-a653-46c4-af49-1232c59a7da5} - BS Player ControlBar B Toolbar - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll [2014-09-30 423744]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-21 37888]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
"PlayNC Launcher"= []
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-08-22 2281248]
"Spotify Web Helper"=C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-13 1514040]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
c:\program files (x86)\easybits for kids\ezrecover.exe [2011-02-10 61112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
c:\windows\system32\spool\drivers\x64\3\e_iatiede.exe /fu c:\windows\temp\e_se093.tmp /ef hkcu []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvolveClient]
c:\program files\echobit\evolve\evolveclient.exe [2014-01-24 3216800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP]
c:\program files (x86)\hewlett-packard\hp keyboard\launchapp.exe [2009-04-04 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe -resume []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
c:\program files (x86)\pdf complete\pdfsty.exe [2011-02-01 656920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
c:\program files\smarttechnology\software\profileru.exe [2012-01-23 432640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
c:\program files\smarttechnology\software\saimfd.exe [2012-01-23 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-12-10 1941696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files (x86)\sweetim\messenger\sweetim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
c:\program files\idt\wdm\sttray64.exe [2012-04-24 1425408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-17 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2014-12-12 22:22:28 ----D---- C:\Program Files (x86)\Tbccint
2014-12-12 22:22:26 ----D---- C:\ProgramData\Tbccint
2014-12-12 19:13:10 ----D---- C:\AdwCleaner
2014-12-12 14:50:02 ----D---- C:\rsit
2014-12-12 14:50:02 ----D---- C:\Program Files\trend micro
2014-12-12 13:03:32 ----AD---- C:\Program Files (x86)\Application Files
2014-12-11 12:48:44 ----SHD---- C:\Config.Msi
2014-12-10 20:24:27 ----D---- C:\Program Files (x86)\Origin Games
2014-12-10 11:23:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 11:23:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 11:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 11:23:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 11:22:59 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:22:54 ----A---- C:\Windows\system32\mshtml.dll
2014-12-07 15:04:19 ----D---- C:\Program Files (x86)\Blade & Soul
2014-12-07 15:00:41 ----D---- C:\Users\Daniel\AppData\Roaming\REngLauncher
2014-11-25 22:06:21 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-25 22:06:06 ----D---- C:\Program Files (x86)\Java
2014-11-25 22:00:26 ----D---- C:\ProgramData\Oracle
2014-11-24 18:28:52 ----D---- C:\Program Files (x86)\TERA
2014-11-24 18:02:18 ----D---- C:\ProgramData\TERA
2014-11-23 15:49:16 ----D---- C:\sh4ldr
2014-11-23 13:10:27 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-11-23 13:08:43 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-23 12:03:13 ----D---- C:\ProgramData\Emsisoft
2014-11-23 09:06:55 ----A---- C:\autoexec.bat
2014-11-23 09:06:40 ----D---- C:\Users\Daniel\AppData\Roaming\Enigma Software Group
2014-11-23 09:06:00 ----D---- C:\Program Files\Enigma Software Group
2014-11-19 22:29:20 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 22:29:19 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 22:29:19 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 22:29:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-18 18:02:34 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-11-18 17:03:50 ----D---- C:\Program Files\CPUID
2014-11-18 16:16:58 ----D---- C:\Program Files (x86)\Everest Home Edition
2014-11-17 23:05:22 ----A---- C:\Windows\SYSWOW64\shoD115.tmp
2014-11-16 21:32:57 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-16 21:32:57 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-16 21:32:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-16 21:32:53 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-16 21:03:27 ----A---- C:\Windows\system32\generaltel.dll
2014-11-16 21:03:26 ----A---- C:\Windows\system32\aepdu.dll
2014-11-16 21:03:24 ----A---- C:\Windows\system32\aeinv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\termsrv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-16 21:03:20 ----A---- C:\Windows\system32\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-16 21:03:16 ----A---- C:\Windows\system32\msaudite.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-16 20:58:35 ----A---- C:\Windows\system32\msxml3.dll
2014-11-16 20:58:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-16 20:58:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-16 20:58:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-16 20:58:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-16 20:58:31 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-16 20:58:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\EncDump.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-16 20:58:29 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-16 20:57:59 ----A---- C:\Windows\system32\schannel.dll
2014-11-16 20:57:58 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-16 20:57:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\wdigest.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-16 20:57:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-16 20:57:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-16 20:57:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-16 20:57:52 ----A---- C:\Windows\system32\credssp.dll
2014-11-16 20:57:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-16 20:57:04 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-16 20:57:04 ----A---- C:\Windows\system32\packager.dll
2014-11-16 20:57:02 ----A---- C:\Windows\system32\win32k.sys
2014-11-16 20:56:57 ----A---- C:\Windows\system32\msi.dll
2014-11-16 20:56:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-16 20:55:34 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-16 20:55:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispco6434465.dll
======List of files/folders modified in the last 1 month======
2014-12-13 07:42:50 ----D---- C:\Windows\Temp
2014-12-13 07:39:51 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-13 07:37:22 ----D---- C:\Windows\system32\config
2014-12-13 07:37:18 ----D---- C:\ProgramData\PDFC
2014-12-13 07:36:33 ----D---- C:\ProgramData\NVIDIA
2014-12-12 22:27:33 ----D---- C:\Users\Daniel\AppData\Roaming\Skype
2014-12-12 22:24:45 ----D---- C:\Windows\Prefetch
2014-12-12 22:22:28 ----RD---- C:\Program Files (x86)
2014-12-12 22:22:26 ----HD---- C:\ProgramData
2014-12-12 22:20:32 ----D---- C:\Program Files (x86)\Steam
2014-12-12 19:15:44 ----D---- C:\Windows\Tasks
2014-12-12 19:15:44 ----D---- C:\Windows\system32\Tasks
2014-12-12 19:15:43 ----D---- C:\Windows\System32
2014-12-12 19:15:43 ----D---- C:\Program Files (x86)\Common Files
2014-12-12 16:27:12 ----D---- C:\Program Files (x86)\Dragon Age 2
2014-12-12 14:50:02 ----RD---- C:\Program Files
2014-12-12 14:33:28 ----D---- C:\Program Files (x86)\Bonjour
2014-12-12 14:17:38 ----SHD---- C:\System Volume Information
2014-12-12 10:44:56 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HpUpdate
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HP Support Assistant
2014-12-12 07:18:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-11 13:12:18 ----D---- C:\Program Files (x86)\GMT-MAX.ORG
2014-12-11 13:04:24 ----D---- C:\Program Files (x86)\Image-Line
2014-12-11 13:03:31 ----AD---- C:\Windows\SysWOW64
2014-12-11 13:02:51 ----D---- C:\Program Files (x86)\VstPlugins
2014-12-11 12:55:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 12:55:23 ----D---- C:\ProgramData\Media Center Programs
2014-12-11 12:52:39 ----D---- C:\ProgramData\Freemake
2014-12-11 12:52:18 ----SHD---- C:\Windows\Installer
2014-12-11 12:49:48 ----RSD---- C:\Windows\assembly
2014-12-11 12:49:47 ----D---- C:\ProgramData\Autodesk
2014-12-11 12:49:40 ----D---- C:\Windows\Help
2014-12-11 12:49:33 ----RSD---- C:\Windows\Fonts
2014-12-11 12:48:54 ----D---- C:\Windows\Microsoft.NET
2014-12-10 21:10:41 ----D---- C:\Windows\rescache
2014-12-10 20:25:46 ----D---- C:\ProgramData\Origin
2014-12-10 20:23:55 ----D---- C:\Program Files (x86)\Origin
2014-12-10 18:05:27 ----D---- C:\ProgramData\ProductData
2014-12-10 18:04:35 ----D---- C:\Windows\winsxs
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\system32\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 18:02:50 ----D---- C:\Program Files\Internet Explorer
2014-12-10 18:02:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 16:03:43 ----D---- C:\Windows\system32\MRT
2014-12-10 15:59:34 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 11:18:05 ----D---- C:\Windows\system32\catroot2
2014-12-09 16:45:49 ----RD---- C:\Program Files (x86)\Skype
2014-12-09 16:45:47 ----D---- C:\ProgramData\Skype
2014-12-09 16:19:39 ----D---- C:\Users\Daniel\AppData\Roaming\gtk-2.0
2014-12-08 17:34:13 ----D---- C:\Users\Daniel\AppData\Roaming\Spotify
2014-12-05 15:44:24 ----D---- C:\Program Files (x86)\IObit
2014-12-01 14:19:47 ----D---- C:\Windows\system32\drivers
2014-11-30 07:05:23 ----D---- C:\Windows\system32\NDF
2014-11-29 09:50:10 ----D---- C:\Windows\inf
2014-11-29 09:50:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-28 13:27:58 ----D---- C:\Windows\tracing
2014-11-28 13:24:37 ----D---- C:\Users\Daniel\AppData\Roaming\IObit
2014-11-28 13:24:37 ----D---- C:\ProgramData\IObit
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-24 18:28:56 ----D---- C:\Users\Daniel\AppData\Roaming\TERA
2014-11-24 17:27:12 ----D---- C:\Program Files (x86)\Strife
2014-11-23 16:37:10 ----D---- C:\Program Files (x86)\Google
2014-11-23 15:54:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-23 15:25:57 ----AD---- C:\Windows
2014-11-23 09:05:32 ----D---- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-11-18 18:02:43 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-18 18:02:32 ----D---- C:\Windows\system32\DriverStore
2014-11-16 21:37:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-16 21:21:41 ----SD---- C:\Windows\system32\CompatTel
2014-11-16 12:49:59 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2014-11-15 09:51:41 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-11-15 09:43:10 ----D---- C:\ProgramData\Orbit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-01 1031392]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-19 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-02-03 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-02-03 46400]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2012-09-20 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2012-01-24 24640]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2012-01-24 52160]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2012-09-20 47168]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-01-18 125552]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-02-22 382024]
S3 cleanhlp;cleanhlp; C:\Windows\system32\drivers\cleanhlp.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys [2012-05-29 27456]
S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys [2010-03-01 24376]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-11-23 15920]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2012-02-15 203320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-01 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-11-23 1025920]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-09-30 350528]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-28 2631456]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-21 25832]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2014-01-24 1579424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-29 654848]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-10 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-06 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Daniel at 2014-12-13 07:42:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 654 GB (70%) free of 941 GB
Total RAM: 12268 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:42:52, on 13.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
R3 - URLSearchHook: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BS Player ControlBar B - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13903 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f71e4a3e-f8fb-4542-95c2-a5e99af02fce 1
\??\C:\Windows\system32\conhost.exe "-1387662725890324480-1244144202-1222295146-1918070494-552943239434217079-1863360593
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2932
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3b3f30ba-089e-4966-bca7-7cab086fb358 -SystemEventPortName:HostProcess-ffd61b70-f652-42d5-a4e5-ea6a8eaa3343 -IoCancelEventPortName:HostProcess-82c84e36-ad0d-41cc-9cf3-f2f9226c8180 -NonStateChangingEventPortName:HostProcess-5cb038b3-48f5-4ea9-bfda-9e54bdf64ddc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4bd89611-1070-405b-b652-59659d4c8875 -DeviceGroupId:WpdFsGroup
C:\Windows\servicing\TrustedInstaller.exe
taskhost.exe USER
taskeng.exe {25A1A068-1A52-4B82-9A1E-A1CD9866CD32}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-161023836980519290-2112604938-19484915748366496901351183822795182445228255072
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
explorer.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Daniel\Desktop\ \Instalačky Programu\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000Core.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000UA.job - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForDaniel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDaniel (null)
C:\Windows\tasks\RegCure Pro.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe -scan
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\extensions\
{31264a33-a653-46c4-af49-1232c59a7da5}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\searchplugins\
yahoo.xml
yahoo_ff.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-28 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
BS Player ControlBar B Toolbar - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll [2014-09-30 423744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-08-30 245592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{31264a33-a653-46c4-af49-1232c59a7da5} - BS Player ControlBar B Toolbar - C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll [2014-09-30 423744]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-21 37888]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
"PlayNC Launcher"= []
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-08-22 2281248]
"Spotify Web Helper"=C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-13 1514040]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
c:\program files (x86)\easybits for kids\ezrecover.exe [2011-02-10 61112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
c:\windows\system32\spool\drivers\x64\3\e_iatiede.exe /fu c:\windows\temp\e_se093.tmp /ef hkcu []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvolveClient]
c:\program files\echobit\evolve\evolveclient.exe [2014-01-24 3216800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP]
c:\program files (x86)\hewlett-packard\hp keyboard\launchapp.exe [2009-04-04 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe -resume []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
c:\program files (x86)\pdf complete\pdfsty.exe [2011-02-01 656920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
c:\program files\smarttechnology\software\profileru.exe [2012-01-23 432640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
c:\program files\smarttechnology\software\saimfd.exe [2012-01-23 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-12-10 1941696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files (x86)\sweetim\messenger\sweetim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
c:\program files\idt\wdm\sttray64.exe [2012-04-24 1425408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-17 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2014-12-12 22:22:28 ----D---- C:\Program Files (x86)\Tbccint
2014-12-12 22:22:26 ----D---- C:\ProgramData\Tbccint
2014-12-12 19:13:10 ----D---- C:\AdwCleaner
2014-12-12 14:50:02 ----D---- C:\rsit
2014-12-12 14:50:02 ----D---- C:\Program Files\trend micro
2014-12-12 13:03:32 ----AD---- C:\Program Files (x86)\Application Files
2014-12-11 12:48:44 ----SHD---- C:\Config.Msi
2014-12-10 20:24:27 ----D---- C:\Program Files (x86)\Origin Games
2014-12-10 11:23:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 11:23:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 11:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 11:23:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 11:22:59 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:22:54 ----A---- C:\Windows\system32\mshtml.dll
2014-12-07 15:04:19 ----D---- C:\Program Files (x86)\Blade & Soul
2014-12-07 15:00:41 ----D---- C:\Users\Daniel\AppData\Roaming\REngLauncher
2014-11-25 22:06:21 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-25 22:06:06 ----D---- C:\Program Files (x86)\Java
2014-11-25 22:00:26 ----D---- C:\ProgramData\Oracle
2014-11-24 18:28:52 ----D---- C:\Program Files (x86)\TERA
2014-11-24 18:02:18 ----D---- C:\ProgramData\TERA
2014-11-23 15:49:16 ----D---- C:\sh4ldr
2014-11-23 13:10:27 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-11-23 13:08:43 ----D---- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-11-23 12:03:13 ----D---- C:\ProgramData\Emsisoft
2014-11-23 09:06:55 ----A---- C:\autoexec.bat
2014-11-23 09:06:40 ----D---- C:\Users\Daniel\AppData\Roaming\Enigma Software Group
2014-11-23 09:06:00 ----D---- C:\Program Files\Enigma Software Group
2014-11-19 22:29:20 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 22:29:19 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 22:29:19 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 22:29:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-18 18:02:34 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-11-18 17:03:50 ----D---- C:\Program Files\CPUID
2014-11-18 16:16:58 ----D---- C:\Program Files (x86)\Everest Home Edition
2014-11-17 23:05:22 ----A---- C:\Windows\SYSWOW64\shoD115.tmp
2014-11-16 21:32:57 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-16 21:32:57 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-16 21:32:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-16 21:32:53 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-16 21:03:27 ----A---- C:\Windows\system32\generaltel.dll
2014-11-16 21:03:26 ----A---- C:\Windows\system32\aepdu.dll
2014-11-16 21:03:24 ----A---- C:\Windows\system32\aeinv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\termsrv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-16 21:03:20 ----A---- C:\Windows\system32\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-16 21:03:16 ----A---- C:\Windows\system32\msaudite.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-16 20:58:35 ----A---- C:\Windows\system32\msxml3.dll
2014-11-16 20:58:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-16 20:58:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-16 20:58:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-16 20:58:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-16 20:58:31 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-16 20:58:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\EncDump.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-16 20:58:29 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-16 20:57:59 ----A---- C:\Windows\system32\schannel.dll
2014-11-16 20:57:58 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-16 20:57:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\wdigest.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-16 20:57:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-16 20:57:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-16 20:57:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-16 20:57:52 ----A---- C:\Windows\system32\credssp.dll
2014-11-16 20:57:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-16 20:57:04 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-16 20:57:04 ----A---- C:\Windows\system32\packager.dll
2014-11-16 20:57:02 ----A---- C:\Windows\system32\win32k.sys
2014-11-16 20:56:57 ----A---- C:\Windows\system32\msi.dll
2014-11-16 20:56:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-16 20:55:34 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-16 20:55:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispco6434465.dll
======List of files/folders modified in the last 1 month======
2014-12-13 07:42:50 ----D---- C:\Windows\Temp
2014-12-13 07:39:51 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-13 07:37:22 ----D---- C:\Windows\system32\config
2014-12-13 07:37:18 ----D---- C:\ProgramData\PDFC
2014-12-13 07:36:33 ----D---- C:\ProgramData\NVIDIA
2014-12-12 22:27:33 ----D---- C:\Users\Daniel\AppData\Roaming\Skype
2014-12-12 22:24:45 ----D---- C:\Windows\Prefetch
2014-12-12 22:22:28 ----RD---- C:\Program Files (x86)
2014-12-12 22:22:26 ----HD---- C:\ProgramData
2014-12-12 22:20:32 ----D---- C:\Program Files (x86)\Steam
2014-12-12 19:15:44 ----D---- C:\Windows\Tasks
2014-12-12 19:15:44 ----D---- C:\Windows\system32\Tasks
2014-12-12 19:15:43 ----D---- C:\Windows\System32
2014-12-12 19:15:43 ----D---- C:\Program Files (x86)\Common Files
2014-12-12 16:27:12 ----D---- C:\Program Files (x86)\Dragon Age 2
2014-12-12 14:50:02 ----RD---- C:\Program Files
2014-12-12 14:33:28 ----D---- C:\Program Files (x86)\Bonjour
2014-12-12 14:17:38 ----SHD---- C:\System Volume Information
2014-12-12 10:44:56 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HpUpdate
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HP Support Assistant
2014-12-12 07:18:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-11 13:12:18 ----D---- C:\Program Files (x86)\GMT-MAX.ORG
2014-12-11 13:04:24 ----D---- C:\Program Files (x86)\Image-Line
2014-12-11 13:03:31 ----AD---- C:\Windows\SysWOW64
2014-12-11 13:02:51 ----D---- C:\Program Files (x86)\VstPlugins
2014-12-11 12:55:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 12:55:23 ----D---- C:\ProgramData\Media Center Programs
2014-12-11 12:52:39 ----D---- C:\ProgramData\Freemake
2014-12-11 12:52:18 ----SHD---- C:\Windows\Installer
2014-12-11 12:49:48 ----RSD---- C:\Windows\assembly
2014-12-11 12:49:47 ----D---- C:\ProgramData\Autodesk
2014-12-11 12:49:40 ----D---- C:\Windows\Help
2014-12-11 12:49:33 ----RSD---- C:\Windows\Fonts
2014-12-11 12:48:54 ----D---- C:\Windows\Microsoft.NET
2014-12-10 21:10:41 ----D---- C:\Windows\rescache
2014-12-10 20:25:46 ----D---- C:\ProgramData\Origin
2014-12-10 20:23:55 ----D---- C:\Program Files (x86)\Origin
2014-12-10 18:05:27 ----D---- C:\ProgramData\ProductData
2014-12-10 18:04:35 ----D---- C:\Windows\winsxs
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\system32\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 18:02:50 ----D---- C:\Program Files\Internet Explorer
2014-12-10 18:02:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 16:03:43 ----D---- C:\Windows\system32\MRT
2014-12-10 15:59:34 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 11:18:05 ----D---- C:\Windows\system32\catroot2
2014-12-09 16:45:49 ----RD---- C:\Program Files (x86)\Skype
2014-12-09 16:45:47 ----D---- C:\ProgramData\Skype
2014-12-09 16:19:39 ----D---- C:\Users\Daniel\AppData\Roaming\gtk-2.0
2014-12-08 17:34:13 ----D---- C:\Users\Daniel\AppData\Roaming\Spotify
2014-12-05 15:44:24 ----D---- C:\Program Files (x86)\IObit
2014-12-01 14:19:47 ----D---- C:\Windows\system32\drivers
2014-11-30 07:05:23 ----D---- C:\Windows\system32\NDF
2014-11-29 09:50:10 ----D---- C:\Windows\inf
2014-11-29 09:50:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-28 13:27:58 ----D---- C:\Windows\tracing
2014-11-28 13:24:37 ----D---- C:\Users\Daniel\AppData\Roaming\IObit
2014-11-28 13:24:37 ----D---- C:\ProgramData\IObit
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-24 18:28:56 ----D---- C:\Users\Daniel\AppData\Roaming\TERA
2014-11-24 17:27:12 ----D---- C:\Program Files (x86)\Strife
2014-11-23 16:37:10 ----D---- C:\Program Files (x86)\Google
2014-11-23 15:54:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-23 15:25:57 ----AD---- C:\Windows
2014-11-23 09:05:32 ----D---- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-11-18 18:02:43 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-18 18:02:32 ----D---- C:\Windows\system32\DriverStore
2014-11-16 21:37:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-16 21:21:41 ----SD---- C:\Windows\system32\CompatTel
2014-11-16 12:49:59 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2014-11-15 09:51:41 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-11-15 09:43:10 ----D---- C:\ProgramData\Orbit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 204880]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-01 1031392]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-19 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 80816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-02-03 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-02-03 46400]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2012-09-20 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2012-01-24 24640]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2012-01-24 52160]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2012-09-20 47168]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-01-18 125552]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-02-22 382024]
S3 cleanhlp;cleanhlp; C:\Windows\system32\drivers\cleanhlp.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys [2012-05-29 27456]
S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys [2010-03-01 24376]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-11-23 15920]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2012-02-15 203320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-01 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-11-23 1025920]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-09-30 350528]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-28 2631456]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-21 25832]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2014-01-24 1579424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-29 654848]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-10 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-06 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119557
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Users\Daniel\AppData\LocalLow\BS_Player_ControlBar_B
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1523127539-2779269890-1451957846-1000UA.job
c:\program files (x86)\common files\spigot
c:\program files (x86)\sweetim
C:\Program Files (x86)\Tbccint
C:\ProgramData\Tbccint
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
C:\Windows\SYSWOW64\sho*.tmp
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by Daniel at 2014-12-14 08:21:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 598 GB (64%) free of 941 GB
Total RAM: 12268 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:21:37, on 14.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
R3 - URLSearchHook: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Toolbar Service (TBSrv) - Unknown owner - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13347 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
taskeng.exe {07BE1D68-8EF5-4405-9A9A-0C615F45F78D}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
taskeng.exe {463FD4D9-F3AC-4D37-970D-E59463E220C9}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f71e4a3e-f8fb-4542-95c2-a5e99af02fce 1
\??\C:\Windows\system32\conhost.exe "-1712286014-97759585-62762304810322301001096357302-1806576232-491080976931136618
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-15315410161450006930-2011791793-825162278200598984-397954451-2137460201-985091720
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3284
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1ee5b9de-2d8f-4d2e-8151-a88a356edaff -SystemEventPortName:HostProcess-6fb5db78-0d3f-40a9-8cec-df69634d9a3a -IoCancelEventPortName:HostProcess-56da16c5-39dc-4582-9856-903711bc7113 -NonStateChangingEventPortName:HostProcess-3d2740b3-179a-4e12-bf89-4e8a34c380d4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:712f1f82-18ea-4ce2-b7c0-982e2afaca1c -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Daniel\Desktop\ \Instalačky Programu\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForDaniel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDaniel (null)
C:\Windows\tasks\RegCure Pro.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe -scan
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\extensions\
{31264a33-a653-46c4-af49-1232c59a7da5}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\searchplugins\
yahoo.xml
yahoo_ff.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-28 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-21 37888]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
"PlayNC Launcher"= []
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-08-22 2281248]
"Spotify Web Helper"=C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-13 1514040]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
c:\program files (x86)\easybits for kids\ezrecover.exe [2011-02-10 61112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
c:\windows\system32\spool\drivers\x64\3\e_iatiede.exe /fu c:\windows\temp\e_se093.tmp /ef hkcu []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvolveClient]
c:\program files\echobit\evolve\evolveclient.exe [2014-01-24 3216800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP]
c:\program files (x86)\hewlett-packard\hp keyboard\launchapp.exe [2009-04-04 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe -resume []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
c:\program files (x86)\pdf complete\pdfsty.exe [2011-02-01 656920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
c:\program files\smarttechnology\software\profileru.exe [2012-01-23 432640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
c:\program files\smarttechnology\software\saimfd.exe [2012-01-23 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-12-12 1941696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files (x86)\sweetim\messenger\sweetim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
c:\program files\idt\wdm\sttray64.exe [2012-04-24 1425408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-08-30 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-17 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2014-12-14 08:20:23 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-12-14 08:20:21 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-12-14 08:20:19 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-14 08:20:14 ----A---- C:\Windows\avastSS.scr
2014-12-14 08:12:46 ----D---- C:\_OTM
2014-12-12 19:13:10 ----D---- C:\AdwCleaner
2014-12-12 14:50:02 ----D---- C:\rsit
2014-12-12 14:50:02 ----D---- C:\Program Files\trend micro
2014-12-12 13:03:32 ----AD---- C:\Program Files (x86)\Application Files
2014-12-10 20:24:27 ----D---- C:\Program Files (x86)\Origin Games
2014-12-10 11:23:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 11:23:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 11:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 11:23:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 11:22:59 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:22:54 ----A---- C:\Windows\system32\mshtml.dll
2014-12-07 15:04:19 ----D---- C:\Program Files (x86)\Blade & Soul
2014-12-07 15:00:41 ----D---- C:\Users\Daniel\AppData\Roaming\REngLauncher
2014-11-25 22:06:21 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-25 22:06:06 ----D---- C:\Program Files (x86)\Java
2014-11-25 22:00:26 ----D---- C:\ProgramData\Oracle
2014-11-24 18:28:52 ----D---- C:\Program Files (x86)\TERA
2014-11-24 18:02:18 ----D---- C:\ProgramData\TERA
2014-11-23 15:49:16 ----D---- C:\sh4ldr
2014-11-23 13:10:27 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-11-23 12:03:13 ----D---- C:\ProgramData\Emsisoft
2014-11-23 09:06:55 ----A---- C:\autoexec.bat
2014-11-23 09:06:40 ----D---- C:\Users\Daniel\AppData\Roaming\Enigma Software Group
2014-11-23 09:06:00 ----D---- C:\Program Files\Enigma Software Group
2014-11-19 22:29:20 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 22:29:19 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 22:29:19 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 22:29:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-18 18:02:34 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-11-18 17:03:50 ----D---- C:\Program Files\CPUID
2014-11-18 16:16:58 ----D---- C:\Program Files (x86)\Everest Home Edition
2014-11-16 21:32:57 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-16 21:32:57 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-16 21:32:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-16 21:32:53 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-16 21:03:27 ----A---- C:\Windows\system32\generaltel.dll
2014-11-16 21:03:26 ----A---- C:\Windows\system32\aepdu.dll
2014-11-16 21:03:24 ----A---- C:\Windows\system32\aeinv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\termsrv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-16 21:03:20 ----A---- C:\Windows\system32\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-16 21:03:16 ----A---- C:\Windows\system32\msaudite.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-16 20:58:35 ----A---- C:\Windows\system32\msxml3.dll
2014-11-16 20:58:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-16 20:58:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-16 20:58:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-16 20:58:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-16 20:58:31 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-16 20:58:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\EncDump.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-16 20:58:29 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-16 20:57:59 ----A---- C:\Windows\system32\schannel.dll
2014-11-16 20:57:58 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-16 20:57:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\wdigest.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-16 20:57:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-16 20:57:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-16 20:57:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-16 20:57:52 ----A---- C:\Windows\system32\credssp.dll
2014-11-16 20:57:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-16 20:57:04 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-16 20:57:04 ----A---- C:\Windows\system32\packager.dll
2014-11-16 20:57:02 ----A---- C:\Windows\system32\win32k.sys
2014-11-16 20:56:57 ----A---- C:\Windows\system32\msi.dll
2014-11-16 20:56:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-16 20:55:34 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-16 20:55:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispco6434465.dll
======List of files/folders modified in the last 1 month======
2014-12-14 08:21:36 ----D---- C:\Windows\Temp
2014-12-14 08:20:27 ----D---- C:\Windows\system32\Tasks
2014-12-14 08:20:23 ----D---- C:\Windows\system32\drivers
2014-12-14 08:20:20 ----D---- C:\Windows\winsxs
2014-12-14 08:20:19 ----D---- C:\Windows\System32
2014-12-14 08:20:16 ----AD---- C:\Windows
2014-12-14 08:19:11 ----SHD---- C:\System Volume Information
2014-12-14 08:18:31 ----D---- C:\ProgramData\AVAST Software
2014-12-14 08:17:16 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-14 08:15:59 ----D---- C:\Windows\system32\config
2014-12-14 08:15:10 ----D---- C:\ProgramData\PDFC
2014-12-14 08:14:35 ----D---- C:\ProgramData\NVIDIA
2014-12-14 08:12:48 ----RD---- C:\Program Files (x86)
2014-12-14 08:12:48 ----HD---- C:\ProgramData
2014-12-14 08:12:48 ----AD---- C:\Windows\SysWOW64
2014-12-14 08:12:47 ----D---- C:\Windows\Tasks
2014-12-13 23:14:12 ----D---- C:\Windows\inf
2014-12-13 23:14:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-13 20:59:09 ----D---- C:\Program Files (x86)\Steam
2014-12-13 20:59:05 ----D---- C:\Users\Daniel\AppData\Roaming\Skype
2014-12-13 18:35:26 ----SHD---- C:\Windows\Installer
2014-12-13 18:35:08 ----D---- C:\ProgramData\Package Cache
2014-12-12 22:24:45 ----D---- C:\Windows\Prefetch
2014-12-12 19:15:43 ----D---- C:\Program Files (x86)\Common Files
2014-12-12 16:27:12 ----D---- C:\Program Files (x86)\Dragon Age 2
2014-12-12 14:50:02 ----RD---- C:\Program Files
2014-12-12 14:33:28 ----D---- C:\Program Files (x86)\Bonjour
2014-12-12 10:44:56 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HpUpdate
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HP Support Assistant
2014-12-12 07:18:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-11 13:12:18 ----D---- C:\Program Files (x86)\GMT-MAX.ORG
2014-12-11 13:04:24 ----D---- C:\Program Files (x86)\Image-Line
2014-12-11 13:02:51 ----D---- C:\Program Files (x86)\VstPlugins
2014-12-11 12:55:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 12:55:23 ----D---- C:\ProgramData\Media Center Programs
2014-12-11 12:52:39 ----D---- C:\ProgramData\Freemake
2014-12-11 12:49:48 ----RSD---- C:\Windows\assembly
2014-12-11 12:49:47 ----D---- C:\ProgramData\Autodesk
2014-12-11 12:49:40 ----D---- C:\Windows\Help
2014-12-11 12:49:33 ----RSD---- C:\Windows\Fonts
2014-12-11 12:48:54 ----D---- C:\Windows\Microsoft.NET
2014-12-10 21:10:41 ----D---- C:\Windows\rescache
2014-12-10 20:25:46 ----D---- C:\ProgramData\Origin
2014-12-10 20:23:55 ----D---- C:\Program Files (x86)\Origin
2014-12-10 18:05:27 ----D---- C:\ProgramData\ProductData
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\system32\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 18:02:50 ----D---- C:\Program Files\Internet Explorer
2014-12-10 18:02:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 16:03:43 ----D---- C:\Windows\system32\MRT
2014-12-10 15:59:34 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 11:18:05 ----D---- C:\Windows\system32\catroot2
2014-12-09 16:45:49 ----RD---- C:\Program Files (x86)\Skype
2014-12-09 16:45:47 ----D---- C:\ProgramData\Skype
2014-12-09 16:19:39 ----D---- C:\Users\Daniel\AppData\Roaming\gtk-2.0
2014-12-08 17:34:13 ----D---- C:\Users\Daniel\AppData\Roaming\Spotify
2014-12-05 15:44:24 ----D---- C:\Program Files (x86)\IObit
2014-11-30 07:05:23 ----D---- C:\Windows\system32\NDF
2014-11-28 13:27:58 ----D---- C:\Windows\tracing
2014-11-28 13:24:37 ----D---- C:\Users\Daniel\AppData\Roaming\IObit
2014-11-28 13:24:37 ----D---- C:\ProgramData\IObit
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-24 18:28:56 ----D---- C:\Users\Daniel\AppData\Roaming\TERA
2014-11-24 17:27:12 ----D---- C:\Program Files (x86)\Strife
2014-11-23 16:37:10 ----D---- C:\Program Files (x86)\Google
2014-11-23 15:54:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-23 09:05:32 ----D---- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-11-18 18:02:43 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-18 18:02:32 ----D---- C:\Windows\system32\DriverStore
2014-11-16 21:37:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-16 21:21:41 ----SD---- C:\Windows\system32\CompatTel
2014-11-16 12:49:59 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2014-11-15 09:51:41 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-11-15 09:43:10 ----D---- C:\ProgramData\Orbit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-14 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-14 267632]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-14 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-14 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-14 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-19 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-14 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-14 83280]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-02-03 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-02-03 46400]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2012-09-20 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2012-01-24 24640]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2012-01-24 52160]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2012-09-20 47168]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-01-18 125552]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-02-22 382024]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-14 116728]
S3 cleanhlp;cleanhlp; C:\Windows\system32\drivers\cleanhlp.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys [2012-05-29 27456]
S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys [2010-03-01 24376]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-11-23 15920]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2012-02-15 203320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-01 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-11-23 1025920]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-28 2631456]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-21 25832]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2014-01-24 1579424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-29 654848]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-10 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-06 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Daniel at 2014-12-14 08:21:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 598 GB (64%) free of 941 GB
Total RAM: 12268 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:21:37, on 14.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Daniel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
R3 - URLSearchHook: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Toolbar Service (TBSrv) - Unknown owner - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13347 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
taskeng.exe {07BE1D68-8EF5-4405-9A9A-0C615F45F78D}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\AESTSr64.exe"
C:\Windows\SysWOW64\ezSharedSvcHost.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
taskeng.exe {463FD4D9-F3AC-4D37-970D-E59463E220C9}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss f71e4a3e-f8fb-4542-95c2-a5e99af02fce 1
\??\C:\Windows\system32\conhost.exe "-1712286014-97759585-62762304810322301001096357302-1806576232-491080976931136618
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-15315410161450006930-2011791793-825162278200598984-397954451-2137460201-985091720
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3284
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1ee5b9de-2d8f-4d2e-8151-a88a356edaff -SystemEventPortName:HostProcess-6fb5db78-0d3f-40a9-8cec-df69634d9a3a -IoCancelEventPortName:HostProcess-56da16c5-39dc-4582-9856-903711bc7113 -NonStateChangingEventPortName:HostProcess-3d2740b3-179a-4e12-bf89-4e8a34c380d4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:712f1f82-18ea-4ce2-b7c0-982e2afaca1c -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files\IDT\WDM\beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Daniel\Desktop\ \Instalačky Programu\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\HPCeeScheduleForDaniel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForDaniel (null)
C:\Windows\tasks\RegCure Pro.job - C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe -scan
=========Mozilla firefox=========
ProfilePath - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\extensions\
{31264a33-a653-46c4-af49-1232c59a7da5}
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\miux80u8.default\searchplugins\
yahoo.xml
yahoo_ff.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-28 2471744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-25 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-25 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2010-10-21 37888]
"hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-06 2464072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-11-06 2800296]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-11-11 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
"PlayNC Launcher"= []
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-08-22 2281248]
"Spotify Web Helper"=C:\Users\Daniel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-10-13 1514040]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
c:\program files (x86)\daemon tools lite\dtlite.exe [2012-04-17 3671872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easybits Recovery]
c:\program files (x86)\easybits for kids\ezrecover.exe [2011-02-10 61112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
c:\windows\system32\spool\drivers\x64\3\e_iatiede.exe /fu c:\windows\temp\e_se093.tmp /ef hkcu []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvolveClient]
c:\program files\echobit\evolve\evolveclient.exe [2014-01-24 3216800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchHPOSIAPP]
c:\program files (x86)\hewlett-packard\hp keyboard\launchapp.exe [2009-04-04 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
c:\program files (x86)\microsoft\search enhancement pack\default manager\defmgr.exe -resume []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
c:\program files (x86)\pdf complete\pdfsty.exe [2011-02-01 656920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProfilerU]
c:\program files\smarttechnology\software\profileru.exe [2012-01-23 432640]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SaiMfd]
c:\program files\smarttechnology\software\saimfd.exe [2012-01-23 158208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files (x86)\steam\steam.exe [2014-12-12 1941696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
c:\program files (x86)\common files\java\java update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
c:\program files (x86)\sweetim\messenger\sweetim.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
c:\program files\idt\wdm\sttray64.exe [2012-04-24 1425408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-08-30 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2011-09-17 52920]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
======List of files/folders created in the last 1 month======
2014-12-14 08:20:23 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-12-14 08:20:21 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-12-14 08:20:19 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-14 08:20:14 ----A---- C:\Windows\avastSS.scr
2014-12-14 08:12:46 ----D---- C:\_OTM
2014-12-12 19:13:10 ----D---- C:\AdwCleaner
2014-12-12 14:50:02 ----D---- C:\rsit
2014-12-12 14:50:02 ----D---- C:\Program Files\trend micro
2014-12-12 13:03:32 ----AD---- C:\Program Files (x86)\Application Files
2014-12-10 20:24:27 ----D---- C:\Program Files (x86)\Origin Games
2014-12-10 11:23:14 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-10 11:23:14 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-10 11:23:05 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 11:23:05 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-10 11:23:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 11:23:04 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 11:23:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-10 11:23:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 11:23:02 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-10 11:23:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 11:23:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 11:23:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 11:23:00 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 11:23:00 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-10 11:22:59 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 11:22:59 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 11:22:59 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-10 11:22:58 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 11:22:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 11:22:57 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 11:22:56 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 11:22:54 ----A---- C:\Windows\system32\mshtml.dll
2014-12-07 15:04:19 ----D---- C:\Program Files (x86)\Blade & Soul
2014-12-07 15:00:41 ----D---- C:\Users\Daniel\AppData\Roaming\REngLauncher
2014-11-25 22:06:21 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-11-25 22:06:06 ----D---- C:\Program Files (x86)\Java
2014-11-25 22:00:26 ----D---- C:\ProgramData\Oracle
2014-11-24 18:28:52 ----D---- C:\Program Files (x86)\TERA
2014-11-24 18:02:18 ----D---- C:\ProgramData\TERA
2014-11-23 15:49:16 ----D---- C:\sh4ldr
2014-11-23 13:10:27 ----A---- C:\Windows\system32\drivers\EsgScanner.sys
2014-11-23 12:03:13 ----D---- C:\ProgramData\Emsisoft
2014-11-23 09:06:55 ----A---- C:\autoexec.bat
2014-11-23 09:06:40 ----D---- C:\Users\Daniel\AppData\Roaming\Enigma Software Group
2014-11-23 09:06:00 ----D---- C:\Program Files\Enigma Software Group
2014-11-19 22:29:20 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 22:29:19 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 22:29:19 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 22:29:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-18 18:02:34 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-11-18 18:00:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvopencl.dll
2014-11-18 18:00:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\nvinitx.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\NvIFR64.dll
2014-11-18 18:00:50 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-11-18 18:00:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\NvFBC64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-11-18 18:00:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-11-18 18:00:48 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuvid.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcuda.dll
2014-11-18 18:00:48 ----A---- C:\Windows\system32\nvcompiler.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispgenco6434475.dll
2014-11-18 17:54:06 ----A---- C:\Windows\system32\nvdispco6434475.dll
2014-11-18 17:03:50 ----D---- C:\Program Files\CPUID
2014-11-18 16:16:58 ----D---- C:\Program Files (x86)\Everest Home Edition
2014-11-16 21:32:57 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-11-16 21:32:57 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-11-16 21:32:56 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-11-16 21:32:53 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-11-16 21:32:53 ----A---- C:\Windows\system32\nvapi64.dll
2014-11-16 21:03:27 ----A---- C:\Windows\system32\generaltel.dll
2014-11-16 21:03:26 ----A---- C:\Windows\system32\aepdu.dll
2014-11-16 21:03:24 ----A---- C:\Windows\system32\aeinv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\termsrv.dll
2014-11-16 21:03:20 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-16 21:03:20 ----A---- C:\Windows\system32\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-16 21:03:19 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-16 21:03:16 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-16 21:03:16 ----A---- C:\Windows\system32\msaudite.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-16 20:58:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-16 20:58:35 ----A---- C:\Windows\system32\msxml3.dll
2014-11-16 20:58:34 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-16 20:58:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-16 20:58:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-16 20:58:31 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-16 20:58:31 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-16 20:58:30 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\EncDump.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-16 20:58:30 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-16 20:58:29 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-16 20:57:59 ----A---- C:\Windows\system32\schannel.dll
2014-11-16 20:57:58 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-16 20:57:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-16 20:57:55 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\wdigest.dll
2014-11-16 20:57:55 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-16 20:57:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-16 20:57:54 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-16 20:57:53 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-16 20:57:52 ----A---- C:\Windows\system32\credssp.dll
2014-11-16 20:57:51 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-16 20:57:04 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-16 20:57:04 ----A---- C:\Windows\system32\packager.dll
2014-11-16 20:57:02 ----A---- C:\Windows\system32\win32k.sys
2014-11-16 20:56:57 ----A---- C:\Windows\system32\msi.dll
2014-11-16 20:56:56 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-16 20:55:34 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-16 20:55:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispgenco6434465.dll
2014-11-16 20:45:09 ----A---- C:\Windows\system32\nvdispco6434465.dll
======List of files/folders modified in the last 1 month======
2014-12-14 08:21:36 ----D---- C:\Windows\Temp
2014-12-14 08:20:27 ----D---- C:\Windows\system32\Tasks
2014-12-14 08:20:23 ----D---- C:\Windows\system32\drivers
2014-12-14 08:20:20 ----D---- C:\Windows\winsxs
2014-12-14 08:20:19 ----D---- C:\Windows\System32
2014-12-14 08:20:16 ----AD---- C:\Windows
2014-12-14 08:19:11 ----SHD---- C:\System Volume Information
2014-12-14 08:18:31 ----D---- C:\ProgramData\AVAST Software
2014-12-14 08:17:16 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-14 08:15:59 ----D---- C:\Windows\system32\config
2014-12-14 08:15:10 ----D---- C:\ProgramData\PDFC
2014-12-14 08:14:35 ----D---- C:\ProgramData\NVIDIA
2014-12-14 08:12:48 ----RD---- C:\Program Files (x86)
2014-12-14 08:12:48 ----HD---- C:\ProgramData
2014-12-14 08:12:48 ----AD---- C:\Windows\SysWOW64
2014-12-14 08:12:47 ----D---- C:\Windows\Tasks
2014-12-13 23:14:12 ----D---- C:\Windows\inf
2014-12-13 23:14:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-13 20:59:09 ----D---- C:\Program Files (x86)\Steam
2014-12-13 20:59:05 ----D---- C:\Users\Daniel\AppData\Roaming\Skype
2014-12-13 18:35:26 ----SHD---- C:\Windows\Installer
2014-12-13 18:35:08 ----D---- C:\ProgramData\Package Cache
2014-12-12 22:24:45 ----D---- C:\Windows\Prefetch
2014-12-12 19:15:43 ----D---- C:\Program Files (x86)\Common Files
2014-12-12 16:27:12 ----D---- C:\Program Files (x86)\Dragon Age 2
2014-12-12 14:50:02 ----RD---- C:\Program Files
2014-12-12 14:33:28 ----D---- C:\Program Files (x86)\Bonjour
2014-12-12 10:44:56 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HpUpdate
2014-12-12 10:43:56 ----D---- C:\Users\Daniel\AppData\Roaming\HP Support Assistant
2014-12-12 07:18:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-11 13:12:18 ----D---- C:\Program Files (x86)\GMT-MAX.ORG
2014-12-11 13:04:24 ----D---- C:\Program Files (x86)\Image-Line
2014-12-11 13:02:51 ----D---- C:\Program Files (x86)\VstPlugins
2014-12-11 12:55:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-11 12:55:23 ----D---- C:\ProgramData\Media Center Programs
2014-12-11 12:52:39 ----D---- C:\ProgramData\Freemake
2014-12-11 12:49:48 ----RSD---- C:\Windows\assembly
2014-12-11 12:49:47 ----D---- C:\ProgramData\Autodesk
2014-12-11 12:49:40 ----D---- C:\Windows\Help
2014-12-11 12:49:33 ----RSD---- C:\Windows\Fonts
2014-12-11 12:48:54 ----D---- C:\Windows\Microsoft.NET
2014-12-10 21:10:41 ----D---- C:\Windows\rescache
2014-12-10 20:25:46 ----D---- C:\ProgramData\Origin
2014-12-10 20:23:55 ----D---- C:\Program Files (x86)\Origin
2014-12-10 18:05:27 ----D---- C:\ProgramData\ProductData
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\system32\en-US
2014-12-10 18:02:50 ----D---- C:\Windows\system32\cs-CZ
2014-12-10 18:02:50 ----D---- C:\Windows\PolicyDefinitions
2014-12-10 18:02:50 ----D---- C:\Program Files\Internet Explorer
2014-12-10 18:02:50 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-10 16:03:43 ----D---- C:\Windows\system32\MRT
2014-12-10 15:59:34 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 11:18:05 ----D---- C:\Windows\system32\catroot2
2014-12-09 16:45:49 ----RD---- C:\Program Files (x86)\Skype
2014-12-09 16:45:47 ----D---- C:\ProgramData\Skype
2014-12-09 16:19:39 ----D---- C:\Users\Daniel\AppData\Roaming\gtk-2.0
2014-12-08 17:34:13 ----D---- C:\Users\Daniel\AppData\Roaming\Spotify
2014-12-05 15:44:24 ----D---- C:\Program Files (x86)\IObit
2014-11-30 07:05:23 ----D---- C:\Windows\system32\NDF
2014-11-28 13:27:58 ----D---- C:\Windows\tracing
2014-11-28 13:24:37 ----D---- C:\Users\Daniel\AppData\Roaming\IObit
2014-11-28 13:24:37 ----D---- C:\ProgramData\IObit
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-11-25 22:00:29 ----A---- C:\Windows\SYSWOW64\java.exe
2014-11-24 18:28:56 ----D---- C:\Users\Daniel\AppData\Roaming\TERA
2014-11-24 17:27:12 ----D---- C:\Program Files (x86)\Strife
2014-11-23 16:37:10 ----D---- C:\Program Files (x86)\Google
2014-11-23 15:54:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-23 09:05:32 ----D---- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
2014-11-18 18:02:43 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-18 18:02:32 ----D---- C:\Windows\system32\DriverStore
2014-11-16 21:37:19 ----D---- C:\Program Files\NVIDIA Corporation
2014-11-16 21:21:41 ----SD---- C:\Windows\system32\CompatTel
2014-11-16 12:49:59 ----D---- C:\Users\Daniel\AppData\Roaming\uTorrent
2014-11-15 09:51:41 ----D---- C:\Users\Daniel\AppData\Roaming\vlc
2014-11-15 09:43:10 ----D---- C:\ProgramData\Orbit
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-14 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-14 267632]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-14 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-14 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-14 436624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-19 283200]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-14 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-14 83280]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-02-03 88480]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-02-03 46400]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-09-17 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-06 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
R3 SaiK0CCC;SaiK0CCC; C:\Windows\system32\DRIVERS\SaiK0CCC.sys [2012-09-20 180544]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2012-01-24 24640]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2012-01-24 52160]
R3 SaiU0CCC;SaiU0CCC; C:\Windows\system32\DRIVERS\SaiU0CCC.sys [2012-09-20 47168]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
R3 tihub3;TI USB3 Hub Service; C:\Windows\system32\drivers\tihub3.sys [2011-01-18 125552]
R3 tixhci;TI XHCI Service; C:\Windows\system32\drivers\tixhci.sys [2011-02-22 382024]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-14 116728]
S3 cleanhlp;cleanhlp; C:\Windows\system32\drivers\cleanhlp.sys []
S3 CpqDfw;Compaq Dfw; C:\Windows\system32\drivers\CpqDfw.sys [2012-05-29 27456]
S3 cqcpu;Compaq Cpu Diagnostics; C:\Windows\system32\drivers\cqcpu.sys [2010-03-01 24376]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-11-23 15920]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-12-02 171008]
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\syswow64\npptNT2.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2012-02-15 203320]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys [2010-11-01 14544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-06 1148744]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-06 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-06 19819848]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-01 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SpyHunter 4 Service;SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2014-11-23 1025920]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-11-28 2631456]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-06-21 25832]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2014-01-24 1579424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-29 654848]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-17 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2011-03-28 4323256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-10 1900400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-23 833728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-06 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119557
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dvouklikem na soubor C:\Program Files\trend micro\Daniel.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:
Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {124d001a-bdcb-472f-aa59-bbe7e4bc3204} - (no file)
R3 - URLSearchHook: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Omlouvám se, jen jestli jsem dobře pochopil v té složce C:\Program Files\trend micro mám 2x .exe soubor, Daniel.exe a hijackthis.exe čili mám pracovat stím hijackthis.exe ? Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119557
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Rudy píše:Dvouklikem na soubor C:\Program Files\trend micro\Daniel.exe....
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Děkuji mockrát za pomoc, ochotu a váš čas.
-
Rudy
- Site Admin
- Příspěvky: 119557
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?