DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239
Run by Adela at 0:25:05 on 2015-01-01
#Option Extended Search is enabled.
#Option Whitelisting is disabled.
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2927.1607 [GMT 1:00]
.
AV: McAfee® Total Protection™ Service *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee® Total Protection™ Service *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee® Total Protection™ Service *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
C:\ProgramData\DatacardService\DCService.exe
c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Motorola\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\sppsvc.exe
C:\ProgramData\Premium\WxDFast\WxDFast.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\taskeng.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=112477&tt=120912_cpc_3812_6&babsrc=HP_ss&mntrId=9a7b563c000000000000001e101f2b52
uLocal Page = C:\windows\System32\blank.htm
uSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
mLocal Page = C:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
uURLSearchHooks: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - <orphaned>
mWinlogon: Shell = explorer.exe
mWinlogon: Userinit = userinit.exe
BHO: {3134413B-49B4-425C-98A5-893C1F195601} - <orphaned>
BHO: {395610AE-C624-4f58-B89E-23733EA00F9A} - <orphaned>
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - <orphaned>
BHO: {7BA650CB-F59A-ADBE-4CFE-059D39A8C91B} - <orphaned>
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - <orphaned>
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
BHO: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - <orphaned>
BHO: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - <orphaned>
uRun: [Google Update] "C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: ForceActiveDesktopOn = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableInstallerDetection = dword:1
mPolicies-System: EnableLUA = dword:1
mPolicies-System: EnableSecureUIAPaths = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:1
mPolicies-System: ValidateAdminCodeSignatures = dword:0
mPolicies-System: dontdisplaylastusername = dword:0
mPolicies-System: scforceoption = dword:0
mPolicies-System: shutdownwithoutlogon = dword:1
mPolicies-System: undockwithoutlogon = dword:1
mPolicies-System: FilterAdministratorToken = dword:0
IE: E&xportovať do programu Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
LSP: %SystemRoot%\system32\mswsock.dll
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{26BC5ABE-B874-497C-B471-B52AAD3292D8} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{26BC5ABE-B874-497C-B471-B52AAD3292D8}\449616760223 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{26BC5ABE-B874-497C-B471-B52AAD3292D8}\4505D2C494E4B4 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{26BC5ABE-B874-497C-B471-B52AAD3292D8}\45F6D6163702D20296D41636 : DHCPNameServer = 10.0.2.1
TCP: Interfaces\{26BC5ABE-B874-497C-B471-B52AAD3292D8}\544696D61687 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{26BC5ABE-B874-497C-B471-B52AAD3292D8}\76164756771697 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5326CF9C-0631-45F9-B524-6CBA7F024EE2} : NameServer = 213.151.200.30 213.151.208.161
TCP: Interfaces\{60025A5D-ECDE-41B6-8512-E9BC1F231AA1} : NameServer = 213.151.222.34 85.237.225.250
TCP: Interfaces\{727D2BAE-9DB6-42DC-AFB0-71953D601526} : NameServer = 213.151.222.34 85.237.225.250
TCP: Interfaces\{D64F5F6F-9FF4-4D44-82B9-3E630E9FB898} : NameServer = 85.237.225.250 213.151.222.34
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - <orphaned>
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - <orphaned>
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - <orphaned>
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - <orphaned>
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - <orphaned>
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - <orphaned>
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - <orphaned>
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - <orphaned>
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - <orphaned>
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - <orphaned>
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - <orphaned>
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - <orphaned>
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - <orphaned>
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - <orphaned>
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - <orphaned>
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - <orphaned>
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - <orphaned>
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - <orphaned>
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - <orphaned>
Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - <orphaned>
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - <orphaned>
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - <orphaned>
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - <orphaned>
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
SecurityProviders: SecurityProviders = credssp.dll
LSA: Authentication Packages = msv1_0
LSA: Notification Packages = DPPassFilter scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 winsrv:ConServerDllInitialization,2 sxssrv,4
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\windows\System32\unregmp2.exe /ShowWMP
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\windows\System32\themeui.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\System32\cmd.exe /D /C start C:\windows\System32\ie4uinit.exe -ClearIconCache
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - <is not referencing any dll>
x64-mStart Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
x64-mLocal Page = C:\windows\System32\blank.htm
x64-mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
x64-mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
x64-mWinlogon: Shell = explorer.exe
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: HP ProtectTools Security Manager Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
x64-Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\windows\System32\mshtml.dll
x64-Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\windows\System32\urlmon.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\windows\System32\MSVidCtl.dll
x64-Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\windows\System32\urlmon.dll
x64-Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\windows\System32\urlmon.dll
x64-Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\windows\System32\urlmon.dll
x64-Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\windows\System32\urlmon.dll
x64-Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\windows\System32\itss.dll
x64-Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\windows\System32\mshtml.dll
x64-Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\windows\System32\urlmon.dll
x64-Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\windows\System32\mshtml.dll
x64-Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\windows\System32\inetcomm.dll
x64-Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\windows\System32\urlmon.dll
x64-Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - <orphaned>
x64-Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\windows\System32\itss.dll
x64-Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - <orphaned>
x64-Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\windows\System32\mshtml.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\windows\System32\MSVidCtl.dll
x64-Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\windows\System32\mshtml.dll
x64-Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\windows\System32\itss.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\windows\System32\unregmp2.exe /ShowWMP
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\windows\System32\regsvr32.exe /s /n /i:/UserInstall C:\windows\System32\themeui.dll
x64-mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\windows\System32\cmd.exe /D /C start C:\windows\System32\ie4uinit.exe -ClearIconCache
x64-mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "C:\Program Files (x86)\Windows Mail\WinMail.exe" OCInstallUserConfigOE
x64-mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\windows\System32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\windows\System32\ie4uinit.exe -UserConfig
x64-mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\windows\System32\Rundll32.exe C:\windows\System32\mscories.dll,Install
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\windows\System32\shell32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 ACPI;Microsoft ACPI Driver;C:\windows\System32\drivers\acpi.sys [2011-12-4 334208]
R0 amdxata;amdxata;C:\windows\System32\drivers\amdxata.sys [2011-11-28 27008]
R0 CLFS;Common Log (CLFS);C:\windows\System32\clfs.sys [2009-7-14 367696]
R0 CNG;CNG;C:\windows\System32\drivers\cng.sys [2013-11-22 458712]
R0 Compbatt;Microsoft Composite Battery Driver;C:\windows\System32\drivers\compbatt.sys [2009-7-14 21584]
R0 Disk;Disk Driver;C:\windows\System32\drivers\disk.sys [2009-7-14 73280]
R0 FileInfo;File Information FS MiniFilter;C:\windows\System32\drivers\fileinfo.sys [2009-7-14 70224]
R0 FltMgr;FltMgr;C:\windows\System32\drivers\fltMgr.sys [2011-12-4 289664]
R0 fvevol;Bitlocker Drive Encryption Filter Driver;C:\windows\System32\drivers\fvevol.sys [2013-4-10 223752]
R0 hpdskflt;HP Filter;C:\windows\System32\drivers\hpdskflt.sys [2009-7-8 30008]
R0 hwpolicy;Hardware Policy Driver;C:\windows\System32\drivers\hwpolicy.sys [2011-12-4 14720]
R0 iaStor;Intel AHCI Controller;C:\windows\System32\drivers\iaStor.sys [2010-3-4 540696]
R0 KSecDD;KSecDD;C:\windows\System32\drivers\ksecdd.sys [2014-5-19 95680]
R0 KSecPkg;KSecPkg;C:\windows\System32\drivers\ksecpkg.sys [2014-5-19 155072]
R0 mountmgr;Mount Point Manager;C:\windows\System32\drivers\mountmgr.sys [2011-12-4 94592]
R0 msisadrv;msisadrv;C:\windows\System32\drivers\msisadrv.sys [2009-7-14 15424]
R0 Mup;Mup;C:\windows\System32\drivers\mup.sys [2009-7-14 60496]
R0 NDIS;NDIS System Driver;C:\windows\System32\drivers\ndis.sys [2012-9-12 950128]
R0 partmgr;Partition Manager;C:\windows\System32\drivers\partmgr.sys [2012-5-12 75120]
R0 pci;PCI Bus Driver;C:\windows\System32\drivers\pci.sys [2011-12-4 184704]
R0 pcw;Performance Counters for Windows Driver;C:\windows\System32\drivers\pcw.sys [2009-7-14 50768]
R0 rdyboost;ReadyBoost;C:\windows\System32\drivers\rdyboost.sys [2011-12-4 213888]
R0 SbAlg;SbAlg;C:\windows\System32\drivers\SbAlg.sys [2009-6-4 60160]
R0 SbFsLock;SbFsLock;C:\windows\System32\drivers\SbFsLock.sys [2009-12-16 15688]
R0 spldr;Security Processor Loader Driver;C:\windows\System32\drivers\spldr.sys [2009-7-13 19008]
R0 vdrvroot;Microsoft Virtual Drive Enumerator Driver;C:\windows\System32\drivers\vdrvroot.sys [2009-7-14 36432]
R0 volmgr;Volume Manager Driver;C:\windows\System32\drivers\volmgr.sys [2011-12-4 71552]
R0 volmgrx;Dynamic Volume Manager;C:\windows\System32\drivers\volmgrx.sys [2011-12-4 363392]
R0 volsnap;Storage volumes;C:\windows\System32\drivers\volsnap.sys [2011-12-4 295808]
R0 Wdf01000;Kernel Mode Driver Frameworks service;C:\windows\System32\drivers\Wdf01000.sys [2013-10-11 785624]
R1 AFD;Ancillary Function Driver for Winsock;C:\windows\System32\drivers\afd.sys [2014-7-9 497152]
R1 Beep;Beep;C:\windows\System32\drivers\beep.sys [2009-7-14 6656]
R1 blbdrive;blbdrive;C:\windows\System32\drivers\blbdrive.sys [2009-7-14 45056]
R1 cdrom;CD-ROM Driver;C:\windows\System32\drivers\cdrom.sys [2011-12-4 147456]
R1 DfsC;DFS Namespace Client Driver;C:\windows\System32\drivers\dfsc.sys [2011-12-4 102400]
R1 discache;System Attribute Cache;C:\windows\System32\drivers\discache.sys [2009-7-14 40448]
R1 Msfs;Msfs;C:\windows\System32\drivers\msfs.sys [2009-7-14 26112]
R1 mssmbios;Microsoft System Management BIOS Driver;C:\windows\System32\drivers\mssmbios.sys [2009-7-14 32320]
R1 NetBIOS;NetBIOS Interface;C:\windows\System32\drivers\netbios.sys [2009-7-14 44544]
R1 NetBT;NetBT;C:\windows\System32\drivers\netbt.sys [2011-12-4 261632]
R1 Npfs;Npfs;C:\windows\System32\drivers\npfs.sys [2009-7-14 44032]
R1 nsiproxy;NSI proxy service driver.;C:\windows\System32\drivers\nsiproxy.sys [2009-7-14 24576]
R1 Null;Null;C:\windows\System32\drivers\null.sys [2009-7-14 6144]
R1 Psched;QoS Packet Scheduler;C:\windows\System32\drivers\pacer.sys [2011-12-4 131584]
R1 rdbss;Redirected Buffering Sub Sysytem;C:\windows\System32\drivers\rdbss.sys [2011-12-4 309248]
R1 RDPCDD;RDPCDD;C:\windows\System32\drivers\RDPCDD.sys [2009-7-14 7680]
R1 RDPENCDD;RDP Encoder Mirror Driver;C:\windows\System32\drivers\RDPENCDD.sys [2009-7-14 7680]
R1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;C:\windows\System32\drivers\RDPREFMP.sys [2009-7-14 8192]
R1 RsvLock;RsvLock;C:\windows\System32\drivers\RsvLock.sys [2009-12-16 58184]
R1 Tcpip;Ovládač protokolu TCP/IP;C:\windows\System32\drivers\tcpip.sys [2014-6-11 1903552]
R1 tdx;Sieťový vstupno-výstupný ovládač staršej verzie na podporu zariadení TDI;C:\windows\System32\drivers\tdx.sys [2011-12-4 119296]
R1 TermDD;Terminal Device Driver;C:\windows\System32\drivers\termdd.sys [2011-12-4 63360]
R1 VgaSave;VgaSave;C:\windows\System32\drivers\vga.sys [2009-7-14 29184]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R1 Wanarpv6;Remote Access IPv6 ARP Driver;C:\windows\System32\drivers\wanarp.sys [2011-12-4 88576]
R1 WfpLwf;WFP Lightweight Filter;C:\windows\System32\drivers\wfplwf.sys [2009-7-14 12800]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AESTFilters;Andrea ST Filters Service;C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2011-8-29 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio;C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-2 16896]
R2 AudioEndpointBuilder;Windows Audio Endpoint Builder;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 AudioSrv;Windows Audio;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 BFE;Base Filtering Engine;C:\windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-8-29 677128]
R2 CryptSvc;Cryptographic Services;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
R2 DcomLaunch;DCOM Server Process Launcher;C:\windows\System32\svchost.exe -k DcomLaunch [2009-7-14 27136]
R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-9-29 249856]
R2 Dhcp;DHCP Client;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 Dnscache;DNS Client;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 DpHost;Biometric Authentication Service;C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-25 462088]
R2 DPS;Diagnostic Policy Service;C:\windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R2 eventlog;Windows Event Log;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 EventSystem;COM+ Event System;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R2 FontCache;Windows Font Cache Service;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R2 gpsvc;Klient skupinovej politiky;C:\windows\System32\svchost.exe -k GPSvcGroup [2009-7-14 27136]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-6-19 103992]
R2 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-4-5 103992]
R2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-5-10 90112]
R2 HpFkCryptService;Drive Encryption Service;C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2009-7-8 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-3 13336]
R2 IKEEXT;IKE and AuthIP IPsec Keying Modules;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 iphlpsvc;IP Helper;C:\windows\System32\svchost.exe -k NetSvcs [2009-7-14 27136]
R2 LanmanServer;Server;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 LanmanWorkstation;Workstation;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service;C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-6-17 73728]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;C:\windows\System32\drivers\lltdio.sys [2009-7-14 60928]
R2 lmhosts;TCP/IP NetBIOS Helper;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-8-29 268824]
R2 luafv;UAC File Virtualization;C:\windows\System32\drivers\luafv.sys [2009-7-14 113152]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-8-7 222528]
R2 MMCSS;Multimedia Class Scheduler;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 MpsSvc;Brána Windows Firewall;C:\windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service;C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2010-9-3 282824]
R2 NlaSvc;Network Location Awareness;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R2 nsi;Network Store Interface Service;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R2 PcaSvc;Program Compatibility Assistant Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-9-3 635416]
R2 PEAUTH;PEAUTH;C:\windows\System32\drivers\PEAuth.sys [2009-7-14 651264]
R2 PlugPlay;Plug and Play;C:\windows\System32\svchost.exe -k DcomLaunch [2009-7-14 27136]
R2 Power;Power;C:\windows\System32\svchost.exe -k DcomLaunch [2009-7-14 27136]
R2 ProfSvc;User Profile Service;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 PSI_SVC_2;Protexis Licensing V2;C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-7-24 185632]
R2 RpcEptMapper;RPC Endpoint Mapper;C:\windows\System32\svchost.exe -k RPCSS [2009-7-14 27136]
R2 RpcSs;Remote Procedure Call (RPC);C:\windows\System32\svchost.exe -k rpcss [2009-7-14 27136]
R2 rspndr;Link-Layer Topology Discovery Responder;C:\windows\System32\drivers\rspndr.sys [2009-7-14 76800]
R2 SamSs;Security Accounts Manager;C:\windows\System32\lsass.exe [2014-5-19 31232]
R2 secdrv;Security Driver;C:\windows\System32\drivers\secdrv.sys [2009-7-14 23040]
R2 SENS;System Event Notification Service;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 ShellHWDetection;Rozpoznávanie hardvéru;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 Schedule;Plánovač úloh;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 Spooler;Print Spooler;C:\windows\System32\spoolsv.exe [2012-8-15 559104]
R2 sppsvc;Software Protection;C:\windows\System32\sppsvc.exe [2011-12-4 3524608]
R2 STacSV;Audio Service;C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe [2011-8-29 244736]
R2 stisvc;Načítavanie obrázkov (WIA);C:\windows\System32\svchost.exe -k imgsvc [2009-7-14 27136]
R2 SysMain;Rýchle načítanie;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 tcpipreg;TCP/IP Registry Compatibility;C:\windows\System32\drivers\tcpipreg.sys [2012-11-16 45568]
R2 Themes;Themes;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 TrkWks;Distributed Link Tracking Client;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-29 2320920]
R2 UxSms;Správca relácie Správcu okien na pracovnej ploche;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 WinDefend;Windows Defender;C:\windows\System32\svchost.exe -k secsvcs [2009-7-14 27136]
R2 Winmgmt;Windows Management Instrumentation;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 Wlansvc;WLAN AutoConfig;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-8-18 2291568]
R2 WMPNetworkSvc;Windows Media Player - služba zdieľania v sieti;C:\Program Files\Windows Media Player\wmpnetwk.exe [2011-12-4 1525248]
R2 wscsvc;Security Center;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
R2 WSearch;Windows Search;C:\windows\System32\SearchIndexer.exe [2011-9-8 591872]
R2 wuauserv;Windows Update;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R2 WwanSvc;WWAN AutoConfig;C:\windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
R3 Accelerometer;HP Accelerometer;C:\windows\System32\drivers\Accelerometer.sys [2009-7-8 41272]
R3 AeLookupSvc;Application Experience;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 AgereSoftModem;Agere Systems Soft Modem;C:\windows\System32\drivers\agrsm64.sys [2009-11-2 1209856]
R3 Appinfo;Application Information;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 BITS;Background Intelligent Transfer Service;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-8-29 4181256]
R3 bowser;Browser Support Driver;C:\windows\System32\drivers\bowser.sys [2011-9-8 90624]
R3 Browser;Computer Browser;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 BTMUSB;Motorola Bluetooth Radio Service;C:\windows\System32\drivers\btmusb.sys [2011-8-29 3232768]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver;C:\windows\System32\drivers\CmBatt.sys [2009-7-14 17664]
R3 CompositeBus;Composite Bus Enumerator Driver;C:\windows\System32\drivers\CompositeBus.sys [2011-12-4 38912]
R3 DXGKrnl;LDDM Graphics Subsystem;C:\windows\System32\drivers\dxgkrnl.sys [2014-8-17 985536]
R3 EapHost;Extensible Authentication Protocol;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 fastfat;FAT12/16/32 File System Driver;C:\windows\System32\drivers\fastfat.sys [2009-7-14 204800]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-8-29 1028096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio;C:\windows\System32\drivers\hdaudbus.sys [2011-12-4 122368]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 HidUsb;Microsoft HID Class Driver;C:\windows\System32\drivers\hidusb.sys [2011-12-4 30208]
R3 HpqKbFiltr;HpqKbFilter Driver;C:\windows\System32\drivers\HpqKbFiltr.sys [2010-2-16 25912]
R3 HTTP;HTTP;C:\windows\System32\drivers\http.sys [2011-12-4 753664]
R3 huawei_enumerator;huawei_enumerator;C:\windows\System32\drivers\ew_jubusenum.sys [2011-12-27 86016]
R3 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;C:\windows\System32\drivers\i8042prt.sys [2009-7-14 105472]
R3 igfx;igfx;C:\windows\System32\drivers\igdkmd64.sys [2010-2-20 10300800]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-10 158720]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
R3 intelppm;Intel Processor Driver;C:\windows\System32\drivers\intelppm.sys [2009-7-14 62464]
R3 kbdclass;Keyboard Class Driver;C:\windows\System32\drivers\kbdclass.sys [2009-7-14 50768]
R3 KeyIso;CNG Key Isolation;C:\windows\System32\lsass.exe [2014-5-19 31232]
R3 ksthunk;Kernel Streaming Thunks;C:\windows\System32\drivers\ksthunk.sys [2009-7-14 20992]
R3 Modem;Modem;C:\windows\System32\drivers\modem.sys [2009-7-14 40448]
R3 monitor;Microsoft Monitor Class Function Driver Service;C:\windows\System32\drivers\monitor.sys [2009-7-14 30208]
R3 mouclass;Mouse Class Driver;C:\windows\System32\drivers\mouclass.sys [2009-7-14 49216]
R3 mouhid;Mouse HID Driver;C:\windows\System32\drivers\mouhid.sys [2009-7-14 31232]
R3 mpsdrv;Ovládač overenia brány Windows Firewall;C:\windows\System32\drivers\mpsdrv.sys [2009-7-14 77312]
R3 mrxsmb;SMB MiniRedirector Wrapper and Engine;C:\windows\System32\drivers\mrxsmb.sys [2011-9-8 158208]
R3 mrxsmb10;SMB 1.x MiniRedirector;C:\windows\System32\drivers\mrxsmb10.sys [2011-9-8 288768]
R3 mrxsmb20;SMB 2.0 MiniRedirector;C:\windows\System32\drivers\mrxsmb20.sys [2011-9-8 128000]
R3 NativeWifiP;NativeWiFi Filter;C:\windows\System32\drivers\nwifi.sys [2009-7-14 318976]
R3 NdisTapi;Remote Access NDIS TAPI Driver;C:\windows\System32\drivers\ndistapi.sys [2009-7-14 24064]
R3 Ndisuio;NDIS Usermode I/O Protocol;C:\windows\System32\drivers\ndisuio.sys [2011-12-4 56832]
R3 NdisWan;Remote Access NDIS WAN Driver;C:\windows\System32\drivers\ndiswan.sys [2011-12-4 164352]
R3 NDProxy;NDIS Proxy;C:\windows\System32\drivers\ndproxy.sys [2011-12-4 57856]
R3 Netman;Sieťové pripojenia;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R3 netprofm;Network List Service;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\drivers\netr28x.sys [2011-8-29 931168]
R3 Ntfs;Ntfs;C:\windows\System32\drivers\ntfs.sys [2014-4-10 1684928]
R3 PptpMiniport;WAN Miniport (PPTP);C:\windows\System32\drivers\raspptp.sys [2011-12-4 111104]
R3 RasAgileVpn;WAN Miniport (IKEv2);C:\windows\System32\drivers\agilevpn.sys [2009-7-14 60416]
R3 Rasl2tp;WAN Miniport (L2TP);C:\windows\System32\drivers\rasl2tp.sys [2011-12-4 129536]
R3 RasMan;Remote Access Connection Manager;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
R3 RasPppoe;Remote Access PPPOE Driver;C:\windows\System32\drivers\raspppoe.sys [2009-7-14 92672]
R3 RasSstp;WAN Miniport (SSTP);C:\windows\System32\drivers\rassstp.sys [2009-7-14 83968]
R3 rtsuvc;HP Webcam [2 MP Fixed];C:\windows\System32\drivers\rtsuvc.sys [2011-8-29 89216]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
R3 srv;Server SMB 1.xxx Driver;C:\windows\System32\drivers\srv.sys [2011-9-8 467456]
R3 srv2;Server SMB 2.xxx Driver;C:\windows\System32\drivers\srv2.sys [2011-9-8 410112]
R3 srvnet;srvnet;C:\windows\System32\drivers\srvnet.sys [2011-9-8 168448]
R3 SSDPSRV;SSDP Discovery;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
R3 SstpSvc;Secure Socket Tunneling Protocol Service;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 STHDA;IDT High Definition Audio CODEC;C:\windows\System32\drivers\stwrt64.sys [2011-8-29 505856]
R3 swenum;Software Bus Driver;C:\windows\System32\drivers\swenum.sys [2009-7-14 12496]
R3 TapiSrv;Telefonovanie;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver;C:\windows\System32\drivers\tunnel.sys [2011-12-4 125440]
R3 umbus;UMBus Enumerator Driver;C:\windows\System32\drivers\umbus.sys [2011-12-4 48640]
R3 upnphost;UPnP Device Host;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
R3 usbccgp;Microsoft USB Generic Parent Driver;C:\windows\System32\drivers\usbccgp.sys [2014-1-17 99840]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver;C:\windows\System32\drivers\usbehci.sys [2014-1-17 53248]
R3 usbhub;Microsoft USB Standard Hub Driver;C:\windows\System32\drivers\usbhub.sys [2014-1-17 343040]
R3 vwifibus;Virtual WiFi Bus Driver;C:\windows\System32\drivers\vwifibus.sys [2009-7-14 24576]
R3 W32Time;Windows Time;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 WdiServiceHost;Diagnostic Service Host;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 WdiSystemHost;Diagnostic System Host;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
R3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\windows\System32\drivers\wmiacpi.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-5-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-3-1 264248]
S2 KMService;KMService;C:\windows\System32\srvany.exe --> C:\windows\System32\srvany.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2009-12-14 2019120]
S3 1394ohci;1394 OHCI Compliant Host Controller;C:\windows\System32\drivers\1394ohci.sys [2011-12-4 229888]
S3 ACDaemon;ArcSoft Connect Daemon;C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-3-18 113152]
S3 AcpiPmi;ACPI Power Meter Driver;C:\windows\System32\drivers\acpipmi.sys [2011-12-4 12800]
S3 adp94xx;adp94xx;C:\windows\System32\drivers\adp94xx.sys [2009-6-10 491088]
S3 adpahci;adpahci;C:\windows\System32\drivers\adpahci.sys [2009-7-13 339536]
S3 adpu320;adpu320;C:\windows\System32\drivers\adpu320.sys [2009-7-13 182864]
S3 agp440;Intel AGP Bus Filter;C:\windows\System32\drivers\AGP440.sys [2009-7-14 61008]
S3 ALG;Application Layer Gateway Service;C:\windows\System32\alg.exe [2009-7-14 79360]
S3 aliide;aliide;C:\windows\System32\drivers\aliide.sys [2009-7-14 15440]
S3 amdide;amdide;C:\windows\System32\drivers\amdide.sys [2009-7-14 15440]
S3 AmdK8;AMD K8 Processor Driver;C:\windows\System32\drivers\amdk8.sys [2009-7-14 64512]
S3 AmdPPM;AMD Processor Driver;C:\windows\System32\drivers\amdppm.sys [2009-7-14 60928]
S3 amdsata;amdsata;C:\windows\System32\drivers\amdsata.sys [2011-11-28 107904]
S3 amdsbs;amdsbs;C:\windows\System32\drivers\amdsbs.sys [2009-6-10 194128]
S3 AppID;AppID Driver;C:\windows\System32\drivers\appid.sys [2011-12-4 61440]
S3 AppIDSvc;Application Identity;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 arc;arc;C:\windows\System32\drivers\arc.sys [2009-7-13 87632]
S3 arcsas;arcsas;C:\windows\System32\drivers\arcsas.sys [2009-7-13 97856]
S3 AsyncMac;RAS Asynchronous Media Driver;C:\windows\System32\drivers\asyncmac.sys [2009-7-14 23040]
S3 atapi;IDE Channel;C:\windows\System32\drivers\atapi.sys [2009-7-14 24128]
S3 AxInstSV;ActiveX Installer (AxInstSV);C:\windows\System32\svchost.exe -k AxInstSVGroup [2009-7-14 27136]
S3 b06bdrv;Broadcom NetXtreme II VBD;C:\windows\System32\drivers\bxvbda.sys [2009-6-10 468480]
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\b57nd60a.sys [2009-6-10 270848]
S3 BDESVC;BitLocker Drive Encryption Service;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-8-29 1096968]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;C:\windows\System32\drivers\BrFiltLo.sys [2009-7-14 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;C:\windows\System32\drivers\BrFiltUp.sys [2009-7-14 8704]
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM);C:\windows\System32\drivers\BrSerId.sys [2009-7-14 286720]
S3 BrSerWdm;Brother WDM Serial driver;C:\windows\System32\drivers\BrSerWdm.sys [2009-7-14 47104]
S3 BrUsbMdm;Brother MFC USB Fax Only Modem;C:\windows\System32\drivers\BrUsbMdm.sys [2009-7-14 14976]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver;C:\windows\System32\drivers\BrUsbSer.sys [2009-7-14 14720]
S3 BthEnum;Bluetooth Request Block Driver;C:\windows\System32\drivers\bthenum.sys [2009-7-14 41984]
S3 BTHMODEM;Bluetooth Serial Communications Driver;C:\windows\System32\drivers\bthmodem.sys [2009-7-14 72192]
S3 BthPan;Bluetooth Device (Personal Area Network);C:\windows\System32\drivers\bthpan.sys [2009-7-14 118784]
S3 BTHPORT;Bluetooth Port Driver;C:\windows\System32\drivers\bthport.sys [2012-8-16 552960]
S3 bthserv;Bluetooth Support Service;C:\windows\System32\svchost.exe -k bthsvcs [2009-7-14 27136]
S3 BTHUSB;Bluetooth Radio USB Driver;C:\windows\System32\drivers\BTHUSB.SYS [2011-11-28 80384]
S3 BTMCOM;Bluetooth Serial Port;C:\windows\System32\drivers\btmcom.sys [2011-8-29 52736]
S3 CertPropSvc;Šírenie certifikátu;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 circlass;Consumer IR Devices;C:\windows\System32\drivers\circlass.sys [2009-7-14 45568]
S3 cmdide;cmdide;C:\windows\System32\drivers\cmdide.sys [2009-7-14 17488]
S3 COMSysApp;COM+ System Application;C:\windows\System32\dllhost.exe [2009-7-14 9728]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2009-10-21 40760]
S3 DEBridge;DEBridge;C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
S3 defragsvc;Defragmentácia disku;C:\windows\System32\svchost.exe -k defragsvc [2009-7-14 27136]
S3 dot3svc;Wired AutoConfig;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 drmkaud;Microsoft Trusted Audio Drivers;C:\windows\System32\drivers\drmkaud.sys [2009-7-14 5632]
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;C:\windows\System32\drivers\evbda.sys [2009-6-10 3286016]
S3 EFS;Encrypting File System (EFS);C:\windows\System32\lsass.exe [2014-5-19 31232]
S3 ehRecvr;Windows Media Center Receiver Service;C:\Windows\ehome\ehrecvr.exe [2011-12-4 696832]
S3 ehSched;Windows Media Center Scheduler Service;C:\Windows\ehome\ehsched.exe [2009-7-14 127488]
S3 elxstor;elxstor;C:\windows\System32\drivers\elxstor.sys [2009-6-10 530496]
S3 ErrDev;Microsoft Hardware Error Device Driver;C:\windows\System32\drivers\errdev.sys [2009-7-14 9728]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\windows\System32\drivers\ew_hwusbdev.sys [2011-12-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\windows\System32\drivers\ew_usbenumfilter.sys [2011-12-27 13952]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\windows\System32\drivers\ewusbnet.sys [2011-12-27 256000]
S3 exfat;exFAT File System Driver;C:\windows\System32\drivers\exfat.sys [2009-7-14 195072]
S3 Fax;Fax;C:\windows\System32\FXSSVC.exe [2011-12-4 689152]
S3 fdc;Floppy Disk Controller Driver;C:\windows\System32\drivers\fdc.sys [2009-7-14 29696]
S3 fdPHost;Function Discovery Provider Host;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 FDResPub;Function Discovery Resource Publication;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 Filetrace;Filetrace;C:\windows\System32\drivers\filetrace.sys [2009-7-14 34304]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service;C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-8-29 647680]
S3 flpydisk;Floppy Disk Driver;C:\windows\System32\drivers\flpydisk.sys [2009-7-14 24576]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [2011-12-4 42856]
S3 FsDepends;File System Dependency Minifilter;C:\windows\System32\drivers\fsdepends.sys [2009-7-14 55376]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\windows\System32\drivers\GAGP30KX.SYS [2009-7-14 65088]
S3 hcw85cir;Hauppauge Consumer Infrared Receiver;C:\windows\System32\drivers\hcw85cir.sys [2009-7-13 31232]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service;C:\windows\System32\drivers\HdAudio.sys [2011-12-4 350208]
S3 HidBatt;HID UPS Battery Driver;C:\windows\System32\drivers\hidbatt.sys [2009-7-14 26624]
S3 HidBth;Microsoft Bluetooth HID Miniport;C:\windows\System32\drivers\hidbth.sys [2009-7-14 100864]
S3 HidIr;Microsoft Infrared HID Driver;C:\windows\System32\drivers\hidir.sys [2009-7-14 46592]
S3 hidserv;Prístup k zariadeniu s rozhraním HID;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 hkmsvc;Health Key and Certificate Management;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 HomeGroupListener;HomeGroup Listener;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 HomeGroupProvider;HomeGroup Provider;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
S3 hpqwmiex;HP Software Framework Service;C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-5-13 1129760]
S3 HpSAMD;HpSAMD;C:\windows\System32\drivers\HpSAMD.sys [2011-12-4 78720]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial;C:\windows\System32\drivers\ewusbmdm.sys [2011-12-27 121600]
S3 iaStorV;Intel RAID Controller Windows 7;C:\windows\System32\drivers\iaStorV.sys [2011-11-28 410496]
S3 idsvc;Windows CardSpace;C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2014-8-16 859280]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-8-17 111616]
S3 iirsp;iirsp;C:\windows\System32\drivers\iirsp.sys [2009-7-13 44112]
S3 intelide;intelide;C:\windows\System32\drivers\intelide.sys [2009-7-14 16960]
S3 IPBusEnum;PnP-X IP Bus Enumerator;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 IpFilterDriver;IP Traffic Filter Driver;C:\windows\System32\drivers\ipfltdrv.sys [2011-12-4 82944]
S3 IPMIDRV;IPMIDRV;C:\windows\System32\drivers\IPMIDrv.sys [2011-12-4 78848]
S3 IPNAT;IP Network Address Translator;C:\windows\System32\drivers\ipnat.sys [2009-7-14 116224]
S3 IRENUM;IR Bus Enumerator;C:\windows\System32\drivers\irenum.sys [2009-7-14 17920]
S3 isapnp;isapnp;C:\windows\System32\drivers\isapnp.sys [2009-7-14 20544]
S3 iScsiPrt;iScsiPort Driver;C:\windows\System32\drivers\msiscsi.sys [2014-4-10 274880]
S3 kbdhid;Keyboard HID Driver;C:\windows\System32\drivers\kbdhid.sys [2011-12-4 33280]
S3 KtmRm;KtmRm for Distributed Transaction Coordinator;C:\windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [2009-7-14 27136]
S3 lltdsvc;Mapovač zisťovania topológie úrovne vrstvy prepojení;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 LSI_FC;LSI_FC;C:\windows\System32\drivers\lsi_fc.sys [2009-7-13 114752]
S3 LSI_SAS;LSI_SAS;C:\windows\System32\drivers\lsi_sas.sys [2009-7-13 106560]
S3 LSI_SAS2;LSI_SAS2;C:\windows\System32\drivers\lsi_sas2.sys [2009-7-13 65600]
S3 LSI_SCSI;LSI_SCSI;C:\windows\System32\drivers\lsi_scsi.sys [2009-7-13 115776]
S3 megasas;megasas;C:\windows\System32\drivers\megasas.sys [2009-6-10 35392]
S3 MegaSR;MegaSR;C:\windows\System32\drivers\MegaSR.sys [2009-7-13 284736]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S3 mpio;Microsoft Multi-Path Bus Driver;C:\windows\System32\drivers\mpio.sys [2011-12-4 155008]
S3 MRxDAV;WebDav Client Redirector Driver;C:\windows\System32\drivers\mrxdav.sys [2013-10-11 140800]
S3 msahci;msahci;C:\windows\System32\drivers\msahci.sys [2011-12-4 31104]
S3 msdsm;Microsoft Multi-Path Device Specific Module;C:\windows\System32\drivers\msdsm.sys [2011-12-4 140672]
S3 MSDTC;Distributed Transaction Coordinator;C:\windows\System32\msdtc.exe [2009-7-14 141824]
S3 mshidkmdf;Pass-through HID to KMDF Filter Driver;C:\windows\System32\drivers\mshidkmdf.sys [2009-7-14 8192]
S3 MSiSCSI;Microsoft iSCSI Initiator Service;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 msiserver;Inštalátor systému Windows;C:\windows\System32\msiexec.exe [2011-12-4 128000]
S3 MSKSSRV;Microsoft Streaming Service Proxy;C:\windows\System32\drivers\mskssrv.sys [2009-7-14 11136]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;C:\windows\System32\drivers\mspclock.sys [2009-7-14 7168]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;C:\windows\System32\drivers\mspqm.sys [2009-7-14 6784]
S3 MsRPC;MsRPC;C:\windows\System32\drivers\msrpc.sys [2011-12-4 366976]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;C:\windows\System32\drivers\mstee.sys [2009-7-14 8064]
S3 MTConfig;Microsoft Input Configuration Driver;C:\windows\System32\drivers\MTConfig.sys [2009-7-14 15360]
S3 napagent;Network Access Protection Agent;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 NdisCap;NDIS Capture LightWeight Filter;C:\windows\System32\drivers\ndiscap.sys [2009-7-14 35328]
S3 Netlogon;Netlogon;C:\windows\System32\lsass.exe [2014-5-19 31232]
S3 nfrd960;nfrd960;C:\windows\System32\drivers\nfrd960.sys [2009-7-13 51264]
S3 nmwcd;Nokia USB Phone Parent Driver;C:\windows\System32\drivers\ccdcmbx64.sys [2010-12-2 19968]
S3 nv_agp;NVIDIA nForce AGP Bus Filter;C:\windows\System32\drivers\NV_AGP.SYS [2009-7-14 122960]
S3 nvraid;nvraid;C:\windows\System32\drivers\nvraid.sys [2011-11-28 148352]
S3 nvstor;nvstor;C:\windows\System32\drivers\nvstor.sys [2011-11-28 166272]
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy);C:\windows\System32\drivers\ohci1394.sys [2009-7-14 72832]
S3 ose;Office Source Engine;C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 149352]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 p2pimsvc;Peer Networking Identity Manager;C:\windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
S3 p2psvc;Peer Networking Grouping;C:\windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
S3 Parport;Parallel port driver;C:\windows\System32\drivers\parport.sys [2009-7-14 97280]
S3 pciide;pciide;C:\windows\System32\drivers\pciide.sys [2009-7-14 12352]
S3 pcmcia;pcmcia;C:\windows\System32\drivers\pcmcia.sys [2009-7-14 220752]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2009-7-14 20992]
S3 pla;Performance Logs & Alerts;C:\windows\System32\svchost.exe -k LocalServiceNoNetwork [2009-7-14 27136]
S3 PNRPAutoReg;PNRP Machine Name Publication Service;C:\windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
S3 PNRPsvc;Peer Name Resolution Protocol;C:\windows\System32\svchost.exe -k LocalServicePeerNet [2009-7-14 27136]
S3 PolicyAgent;IPsec Policy Agent;C:\windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [2009-7-14 27136]
S3 Processor;Processor Driver;C:\windows\System32\drivers\processr.sys [2009-7-14 60416]
S3 ProtectedStorage;Protected Storage;C:\windows\System32\lsass.exe [2014-5-19 31232]
S3 ql2300;ql2300;C:\windows\System32\drivers\ql2300.sys [2009-6-10 1524816]
S3 ql40xx;ql40xx;C:\windows\System32\drivers\ql40xx.sys [2009-7-13 128592]
S3 QWAVE;Quality Windows Audio Video Experience;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 QWAVEdrv;QWAVE driver;C:\windows\System32\drivers\qwavedrv.sys [2009-7-14 46592]
S3 RasAcd;Remote Access Auto Connection Driver;C:\windows\System32\drivers\rasacd.sys [2009-7-14 14848]
S3 RasAuto;Remote Access Auto Connection Manager;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 rdpbus;Remote Desktop Device Redirector Bus Driver;C:\windows\System32\drivers\rdpbus.sys [2009-7-14 24064]
S3 RDPWD;RDP Winstation Driver;C:\windows\System32\drivers\rdpwd.sys [2012-6-13 210944]
S3 RemoteRegistry;Remote Registry;C:\windows\System32\svchost.exe -k regsvc [2009-7-14 27136]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI);C:\windows\System32\drivers\rfcomm.sys [2009-7-14 158720]
S3 RpcLocator;Remote Procedure Call (RPC) Locator;C:\windows\System32\Locator.exe [2009-7-14 10240]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2010-9-3 232480]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-9-3 325152]
S3 sbp2port;SBP-2 Transport/Protocol Bus Driver;C:\windows\System32\drivers\sbp2port.sys [2011-12-4 103808]
S3 SCardSvr;Smart Card;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 scfilter;Smart card PnP Class Filter Driver;C:\windows\System32\drivers\scfilter.sys [2011-12-4 29696]
S3 SCPolicySvc;Politika vybratia karty Smart Card;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 sdbus;sdbus;C:\windows\System32\drivers\sdbus.sys [2011-12-4 109056]
S3 SDRSVC;Windows Zálohovanie;C:\windows\System32\svchost.exe -k SDRSVC [2009-7-14 27136]
S3 seclogon;Sekundárne prihlasovanie;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 SensrSvc;Adaptive Brightness;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 Serenum;Serenum Filter Driver;C:\windows\System32\drivers\serenum.sys [2009-7-14 23552]
S3 Serial;Serial;C:\windows\System32\drivers\serial.sys [2009-7-14 94208]
S3 sermouse;Serial Mouse Driver;C:\windows\System32\drivers\sermouse.sys [2009-7-14 26624]
S3 SessionEnv;Remote Desktop Configuration;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 sffdisk;SFF Storage Class Driver;C:\windows\System32\drivers\sffdisk.sys [2009-7-14 14336]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC;C:\windows\System32\drivers\sffp_mmc.sys [2009-7-14 13824]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus;C:\windows\System32\drivers\sffp_sd.sys [2011-12-4 14336]
S3 sfloppy;High-Capacity Floppy Disk Drive;C:\windows\System32\drivers\sfloppy.sys [2009-7-14 16896]
S3 SharedAccess;Internet Connection Sharing (ICS);C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 SiSRaid2;SiSRaid2;C:\windows\System32\drivers\sisraid2.sys [2009-6-10 43584]
S3 SiSRaid4;SiSRaid4;C:\windows\System32\drivers\sisraid4.sys [2009-7-13 80464]
S3 Smb;Protokol TCP/IP orientovaný na správy a protokol TCP/IPv6 (relácia SMB);C:\windows\System32\drivers\smb.sys [2009-7-14 93184]
S3 SNMPTRAP;SNMP Trap;C:\windows\System32\snmptrap.exe [2009-7-14 14336]
S3 sppuinotify;Oznamovacia služba SPP;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 stexstor;stexstor;C:\windows\System32\drivers\stexstor.sys [2009-7-13 24656]
S3 swprv;Microsoft Software Shadow Copy Provider;C:\windows\System32\svchost.exe -k swprv [2009-7-14 27136]
S3 TabletInputService;Tablet PC Input Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TBS;TPM Base Services;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 TCPIP6;Microsoft IPv6 Protocol Driver;C:\windows\System32\drivers\tcpip.sys [2014-6-11 1903552]
S3 TDPIPE;TDPIPE;C:\windows\System32\drivers\tdpipe.sys [2009-7-14 15872]
S3 TDTCP;TDTCP;C:\windows\System32\drivers\tdtcp.sys [2012-3-16 23552]
S3 TermService;Remote Desktop Services;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 THREADORDER;Thread Ordering Server;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 TPM;TPM;C:\windows\System32\drivers\tpm.sys [2009-7-14 38400]
S3 TrustedInstaller;Windows Modules Installer;C:\Windows\servicing\TrustedInstaller.exe [2011-12-4 194048]
S3 tssecsrv;Remote Desktop Services Security Filter Driver;C:\windows\System32\drivers\tssecsrv.sys [2013-8-15 39936]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-12-4 59392]
S3 uagp35;Microsoft AGPv3.5 Filter;C:\windows\System32\drivers\UAGP35.SYS [2009-7-14 64080]
S3 UI0Detect;Interactive Services Detection;C:\windows\System32\UI0Detect.exe [2009-7-14 40960]
S3 uliagpkx;Uli AGP Bus Filter;C:\windows\System32\drivers\ULIAGPKX.SYS [2009-7-14 64592]
S3 UmPass;Microsoft UMPass Driver;C:\windows\System32\drivers\umpass.sys [2009-7-14 9728]
S3 usbaudio;USB Audio Driver (WDM);C:\windows\System32\drivers\USBAUDIO.sys [2013-10-11 109824]
S3 usbcir;eHome Infrared Receiver (USBCIR);C:\windows\System32\drivers\usbcir.sys [2013-10-11 100864]
S3 usbohci;Microsoft USB Open Host Controller Miniport Driver;C:\windows\System32\drivers\usbohci.sys [2014-1-17 25600]
S3 usbprint;Microsoft USB PRINTER Class;C:\windows\System32\drivers\usbprint.sys [2009-7-14 25088]
S3 USBSTOR;USB Mass Storage Driver;C:\windows\System32\drivers\USBSTOR.SYS [2011-11-28 91648]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver;C:\windows\System32\drivers\usbuhci.sys [2014-1-17 30720]
S3 usbvideo;USB Video Device (WDM);C:\windows\System32\drivers\usbvideo.sys [2013-10-11 185344]
S3 VaultSvc;Správca poverení;C:\windows\System32\lsass.exe [2014-5-19 31232]
S3 vds;Virtual Disk;C:\windows\System32\vds.exe [2011-12-4 533504]
S3 vga;vga;C:\windows\System32\drivers\vgapnp.sys [2009-7-14 29184]
S3 vhdmp;vhdmp;C:\windows\System32\drivers\vhdmp.sys [2011-12-4 215936]
S3 viaide;viaide;C:\windows\System32\drivers\viaide.sys [2009-7-14 17488]
S3 vsmraid;vsmraid;C:\windows\System32\drivers\vsmraid.sys [2009-6-10 161872]
S3 VSS;Volume Shadow Copy;C:\windows\System32\VSSVC.exe [2011-12-4 1600512]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\windows\System32\drivers\wacompen.sys [2009-7-14 27776]
S3 WANARP;Remote Access IP ARP Driver;C:\windows\System32\drivers\wanarp.sys [2011-12-4 88576]
S3 WatAdminSvc;Služba Windows Activation Technologies;C:\windows\System32\Wat\WatAdminSvc.exe [2011-9-9 1255736]
S3 wbengine;Block Level Backup Engine Service;C:\windows\System32\wbengine.exe [2011-12-4 1504256]
S3 WbioSrvc;Windows Biometric Service;C:\windows\System32\svchost.exe -k WbioSvcGroup [2009-7-14 27136]
S3 wcncsvc;Windows Connect Now - Config Registrar;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S3 WcsPlugInService;Windows Color System;C:\windows\System32\svchost.exe -k wcssvc [2009-7-14 27136]
S3 Wd;Wd;C:\windows\System32\drivers\wd.sys [2009-7-14 21056]
S3 WebClient;WebClient;C:\windows\System32\svchost.exe -k LocalService [2009-7-14 27136]
S3 Wecsvc;Windows Event Collector;C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 wercplsupport;Problem Reports and Solutions Control Panel Support;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S3 WerSvc;Windows Error Reporting Service;C:\windows\System32\svchost.exe -k WerSvcGroup [2009-7-14 27136]
S3 WIMMount;WIMMount;C:\windows\System32\drivers\wimmount.sys [2009-7-14 22096]
S3 WinRM;Windows Remote Management (WS-Management);C:\windows\System32\svchost.exe -k NetworkService [2009-7-14 27136]
S3 WinUsb;WinUsb;C:\windows\System32\drivers\winusb.sys [2011-12-4 41984]
S3 wmiApSrv;WMI Performance Adapter;C:\windows\System32\wbem\WmiApSrv.exe [2009-7-14 203264]
S3 WPCSvc;Parental Controls;C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2009-7-14 27136]
S3 WPDBusEnum;Portable Device Enumerator Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 WudfPf;User Mode Driver Frameworks Platform Driver;C:\windows\System32\drivers\WUDFPf.sys [2012-11-16 87040]
S3 WUDFRd;WUDFRd;C:\windows\System32\drivers\WUDFRd.sys [2012-11-16 198656]
S3 wudfsvc;Windows Driver Foundation - User-mode Driver Framework;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S4 aspnet_state;ASP.NET State Service;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-9-11 51808]
S4 cdfs;CD/DVD File System Reader;C:\windows\System32\drivers\cdfs.sys [2009-7-14 92160]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86;C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2014-8-17 67224]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-8-17 90776]
S4 crcdisk;Crcdisk Filter Driver;C:\windows\System32\drivers\crcdisk.sys [2009-7-14 24144]
S4 Mcx2Svc;Služba Media Center Extender;C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2009-7-14 27136]
S4 NetMsmqActivator;Net.Msmq Listener Adapter;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 NetPipeActivator;Net.Pipe Listener Adapter;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 NetTcpActivator;Net.Tcp Listener Adapter;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-9-11 139856]
S4 RemoteAccess;Routing and Remote Access;C:\windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]
S4 udfs;udfs;C:\windows\System32\drivers\udfs.sys [2011-12-4 328192]
S4 ws2ifsl;Winsock IFS Driver;C:\windows\System32\drivers\ws2ifsl.sys [2009-7-14 21504]
.
=============== File Associations ===============
.
FileExt: .bat: batfile="%1" %*
FileExt: .cmd: cmdfile="%1" %*
FileExt: .com: comfile="%1" %*
FileExt: .exe: exefile="%1" %*
FileExt: .pif: piffile="%1" %*
FileExt: .scr: scrfile="%1" /S
FileExt: .reg: regfile=regedit.exe "%1"
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1
FileExt: .chm: chm.file="C:\windows\hh.exe" %1
FileExt: .ini: inifile=C:\windows\System32\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\windows\System32\NOTEPAD.EXE %1
ShellExec: AcroRD32.exe: Read="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "%1"
ShellExec: chrome.exe: open="C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" "%1"
ShellExec: CORELC~1.EXE: open=c:\Program Files (x86)\Corel\Corel Home Office\CORELC~1.EXE /dde
ShellExec: CORELC~1.EXE: print=c:\Program Files (x86)\Corel\Corel Home Office\CORELC~1.EXE /dde
ShellExec: CORELC~1.EXE: printto=c:\Program Files (x86)\Corel\Corel Home Office\CORELC~1.EXE /dde
ShellExec: CORELS~1.EXE: open=c:\Program Files (x86)\Corel\Corel Home Office\CORELS~1.EXE /dde
ShellExec: CORELS~1.EXE: print=c:\Program Files (x86)\Corel\Corel Home Office\CORELS~1.EXE /dde
ShellExec: CORELS~1.EXE: printto=c:\Program Files (x86)\Corel\Corel Home Office\CORELS~1.EXE /dde
ShellExec: CORELW~1.EXE: open=c:\Program Files (x86)\Corel\Corel Home Office\CORELW~1.EXE /dde
ShellExec: CORELW~1.EXE: print=c:\Program Files (x86)\Corel\Corel Home Office\CORELW~1.EXE /dde
ShellExec: CORELW~1.EXE: printto=c:\Program Files (x86)\Corel\Corel Home Office\CORELW~1.EXE /dde
ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1"
ShellExec: ehshell.exe: open="C:\Windows\eHome\ehshell.exe" "%1"
ShellExec: iexplore.exe: open="C:\Program Files\Internet Explorer\iexplore.exe" %1
ShellExec: mspaint.exe: edit="C:\windows\System32\mspaint.exe" "%1"
ShellExec: notepad.exe: edit=C:\windows\System32\NOTEPAD.EXE %1
ShellExec: notepad.exe: open=C:\windows\System32\NOTEPAD.EXE %1
ShellExec: OIS.EXE: Edit=C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellEdit "%1"
ShellExec: OIS.EXE: Open=C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellOpen "%1"
ShellExec: OIS.EXE: Preview=C:\PROGRA~2\MICROS~1\Office14\OIS.EXE /shellPreview "%1"
ShellExec: photoviewer.dll: open=C:\windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: photoviewer.dll: print=C:\windows\System32\rundll32.exe "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
ShellExec: Winword.exe: edit="C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "%1"
ShellExec: wmplayer.exe: open="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Open "%L"
ShellExec: wmplayer.exe: play="C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play "%L"
ShellExec: wordpad.exe: open="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1"
.
=============== Created Last 60 ================
.
2014-12-31 23:23:22 -------- d-----w- C:\Program Files (x86)\Google
.
==================== Find6M ====================
.
2014-08-07 02:06:41 529920 ----a-w- C:\windows\System32\aepdu.dll
2014-08-07 02:01:34 424448 ----a-w- C:\windows\System32\aeinv.dll
2014-08-05 07:20:00 270496 ------w- C:\windows\System32\MpSigStub.exe
2014-07-31 23:41:41 348856 ----a-w- C:\windows\System32\iedkcs32.dll
2014-07-31 23:16:34 307384 ----a-w- C:\windows\SysWow64\iedkcs32.dll
2014-07-25 14:52:04 23645696 ----a-w- C:\windows\System32\mshtml.dll
2014-07-25 14:02:12 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-07-25 13:51:14 17524224 ----a-w- C:\windows\SysWow64\mshtml.dll
2014-07-25 13:30:30 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-07-25 13:25:32 2774528 ----a-w- C:\windows\System32\iertutil.dll
2014-07-25 13:11:32 51200 ----a-w- C:\windows\System32\jsproxy.dll
2014-07-25 13:10:00 33792 ----a-w- C:\windows\System32\iernonce.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-07-25 13:03:50 598016 ----a-w- C:\windows\System32\ieui.dll
2014-07-25 13:00:51 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:40:12 452096 ----a-w- C:\windows\System32\dxtmsft.dll
2014-07-25 12:34:49 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:21:28 2184704 ----a-w- C:\windows\SysWow64\iertutil.dll
2014-07-25 12:19:18 195584 ----a-w- C:\windows\System32\msrating.dll
2014-07-25 12:18:49 43008 ----a-w- C:\windows\SysWow64\jsproxy.dll
2014-07-25 12:17:33 32768 ----a-w- C:\windows\SysWow64\iernonce.dll
2014-07-25 12:17:26 85504 ----a-w- C:\windows\System32\mshtmled.dll
2014-07-25 12:12:35 438784 ----a-w- C:\windows\SysWow64\ieui.dll
2014-07-25 12:10:53 292864 ----a-w- C:\windows\System32\dxtrans.dll
2014-07-25 12:10:15 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-07-25 11:52:19 367104 ----a-w- C:\windows\SysWow64\dxtmsft.dll
2014-07-25 11:47:50 631808 ----a-w- C:\windows\System32\msfeeds.dll
2014-07-25 11:43:16 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:42:31 692736 ----a-w- C:\windows\System32\ie4uinit.exe
2014-07-25 11:39:29 2087936 ----a-w- C:\windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-07-25 11:36:30 164864 ----a-w- C:\windows\SysWow64\msrating.dll
2014-07-25 11:34:04 69632 ----a-w- C:\windows\SysWow64\mshtmled.dll
2014-07-25 11:29:33 239616 ----a-w- C:\windows\SysWow64\dxtrans.dll
2014-07-25 11:23:30 13547008 ----a-w- C:\windows\System32\ieframe.dll
2014-07-25 11:13:12 526336 ----a-w- C:\windows\SysWow64\msfeeds.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 11:03:13 11772928 ----a-w- C:\windows\SysWow64\ieframe.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\windows\System32\wininet.dll
2014-07-25 10:26:58 1431040 ----a-w- C:\windows\System32\urlmon.dll
2014-07-25 10:17:47 846336 ----a-w- C:\windows\System32\ieapfltr.dll
2014-07-25 10:09:19 704512 ----a-w- C:\windows\SysWow64\ieapfltr.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\windows\SysWow64\wininet.dll
2014-07-25 10:00:43 1169920 ----a-w- C:\windows\SysWow64\urlmon.dll
2014-07-16 03:23:41 2048 ----a-w- C:\windows\System32\tzres.dll
2014-07-16 02:46:02 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-07-14 02:02:45 1216000 ----a-w- C:\windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\windows\SysWow64\rpcrt4.dll
.
============= FINISH: 0:26:49,14 ===============
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu.
Zdravim 
Vypnete trvale Windows Defender.
Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786
Vypnete trvale Windows Defender. Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe , navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Adela at 2015-01-01 09:04:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 96 GB (46%) free of 207 GB
Total RAM: 2927 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:33, on 1. 1. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Adela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112477 ... 1e101f2b52
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - (no file)
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - (no file)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: wxDownload - {7BA650CB-F59A-ADBE-4CFE-059D39A8C91B} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2485374108-2041942618-780395263-1002\..\Run: [Google Update] "C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User '?')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.siteadvisor.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.siteadvisor.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5326CF9C-0631-45F9-B524-6CBA7F024EE2}: NameServer = 213.151.200.30 213.151.208.161
O17 - HKLM\System\CCS\Services\Tcpip\..\{60025A5D-ECDE-41B6-8512-E9BC1F231AA1}: NameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{727D2BAE-9DB6-42DC-AFB0-71953D601526}: NameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{D64F5F6F-9FF4-4D44-82B9-3E630E9FB898}: NameServer = 85.237.225.250 213.151.222.34
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - (no file)
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\windows\system32\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15266 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {F7B8F60C-598F-4887-9A96-373C0DDD1DBB}
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
C:\ProgramData\Premium\WxDFast\WxDFast.exe /schedule /profilepath "C:\ProgramData\Premium\WxDFast\profile.ini"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\ProgramData\DatacardService\DCService.exe
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe"
"C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2948
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3116.0.30609519\659221571" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2086 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
taskeng.exe {83B41A0B-1F35-4BFB-8FD5-BB1801C8A0CD}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_34/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3116.3.1945317539\566880078" /prefetch:673131151
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\windows\system32\wuauclt.exe"
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_34/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3116.6.509502483\1754454706" /prefetch:673131151
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3116.7.1062989146\2027977909" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
taskhost.exe $(Arg0)
"C:\Users\Adela\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002Core.job - C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002UA.job - C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002Core.job - C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002UA.job - C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\OptimizerPro1UpdaterTask{C4BC6B3B-7AD9-4993-8D0E-CDA44E9C9768}.job - C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro1\profile.ini"
C:\windows\tasks\WxDFastUpdaterTask{50177B09-8FD8-4502-9A74-CE328F4FB3BF}.job - C:\ProgramData\Premium\WxDFast\WxDFast.exe /schedule /profilepath "C:\ProgramData\Premium\WxDFast\profile.ini"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03 2187528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-10-21 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-08 136176]
"Facebook Update"=C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-30 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-10 24783624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2009-11-18 518656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-12-12 11265536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-08 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-03-24 391192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-03-24 166424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfee Managed Services Tray]
C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe [2010-02-17 476480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-23 563736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-03-24 410648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2010-03-17 487424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-20 269824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-01-17 23:49:16 ----A---- C:\windows\ntbtlog.txt
2015-01-01 09:04:26 ----D---- C:\Program Files\trend micro
2015-01-01 09:04:25 ----D---- C:\rsit
2015-01-01 00:23:22 ----D---- C:\Program Files (x86)\Google
======List of files/folders modified in the last 1 month======
2015-01-13 21:42:01 ----D---- C:\Program Files (x86)\Origin
2015-01-01 09:04:33 ----D---- C:\windows\Prefetch
2015-01-01 09:04:26 ----RD---- C:\Program Files
2015-01-01 09:03:56 ----D---- C:\windows\Temp
2015-01-01 09:03:17 ----D---- C:\windows\System32
2015-01-01 09:03:17 ----D---- C:\windows\inf
2015-01-01 09:03:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-01-01 08:58:03 ----D---- C:\windows\system32\config
2015-01-01 08:57:43 ----A---- C:\windows\SYSWOW64\log.txt
2015-01-01 08:57:29 ----D---- C:\ProgramData\HPQLOG
2015-01-01 01:53:06 ----SHD---- C:\System Volume Information
2015-01-01 00:30:24 ----SD---- C:\ProgramData\Microsoft
2015-01-01 00:23:26 ----RD---- C:\Program Files (x86)
2014-12-21 18:57:34 ----D---- C:\windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-12-16 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-12-16 15688]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-12-16 58184]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 86016]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2010-08-31 256000]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2010-08-07 121600]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-09-29 249856]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-25 462088]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service; C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-29 1028096]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 KMService;KMService; C:\windows\syswow64\srvany.exe [2003-04-18 8192]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-29 647680]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-09-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Adela at 2015-01-01 09:04:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 96 GB (46%) free of 207 GB
Total RAM: 2927 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:04:33, on 1. 1. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Adela.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=112477 ... 1e101f2b52
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - (no file)
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - (no file)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: wxDownload - {7BA650CB-F59A-ADBE-4CFE-059D39A8C91B} - (no file)
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - (no file)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - (no file)
O3 - Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2485374108-2041942618-780395263-1002\..\Run: [Google Update] "C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User '?')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.siteadvisor.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.siteadvisor.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5326CF9C-0631-45F9-B524-6CBA7F024EE2}: NameServer = 213.151.200.30 213.151.208.161
O17 - HKLM\System\CCS\Services\Tcpip\..\{60025A5D-ECDE-41B6-8512-E9BC1F231AA1}: NameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{727D2BAE-9DB6-42DC-AFB0-71953D601526}: NameServer = 213.151.222.34 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{D64F5F6F-9FF4-4D44-82B9-3E630E9FB898}: NameServer = 85.237.225.250 213.151.222.34
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - (no file)
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\windows\system32\srvany.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15266 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {F7B8F60C-598F-4887-9A96-373C0DDD1DBB}
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"taskhost.exe"
C:\ProgramData\Premium\WxDFast\WxDFast.exe /schedule /profilepath "C:\ProgramData\Premium\WxDFast\profile.ini"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\ProgramData\DatacardService\DCService.exe
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe"
"C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2948
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\Dwm.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Explorer.EXE
"C:\ProgramData\DatacardService\DCSHelper.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe" -Embedding
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3116.0.30609519\659221571" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2086 --ignored=" --type=renderer " /prefetch:822062411
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
taskeng.exe {83B41A0B-1F35-4BFB-8FD5-BB1801C8A0CD}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_34/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3116.3.1945317539\566880078" /prefetch:673131151
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\windows\system32\wuauclt.exe"
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\windows\system32\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_34/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="3116.6.509502483\1754454706" /prefetch:673131151
"C:\Users\Adela\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3116.7.1062989146\2027977909" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
taskhost.exe $(Arg0)
"C:\Users\Adela\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002Core.job - C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002UA.job - C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002Core.job - C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2485374108-2041942618-780395263-1002UA.job - C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\OptimizerPro1UpdaterTask{C4BC6B3B-7AD9-4993-8D0E-CDA44E9C9768}.job - C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro1\profile.ini"
C:\windows\tasks\WxDFastUpdaterTask{50177B09-8FD8-4502-9A74-CE328F4FB3BF}.job - C:\ProgramData\Premium\WxDFast\WxDFast.exe /schedule /profilepath "C:\ProgramData\Premium\WxDFast\profile.ini"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-03 2187528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-10-21 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-08 136176]
"Facebook Update"=C:\Users\Adela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-30 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-10 24783624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2009-11-18 518656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\File Sanitizer]
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-12-12 11265536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Adela\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-08 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2010-03-24 391192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-09-29 1685048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-06-19 1691192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2010-03-24 166424]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfee Managed Services Tray]
C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.Exe [2010-02-17 476480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files (x86)\PDF Complete\pdfsty.exe [2009-10-23 563736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\windows\system32\igfxpers.exe [2010-03-24 410648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray64.exe [2010-03-17 487424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-02-20 269824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 6723984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-01-17 23:49:16 ----A---- C:\windows\ntbtlog.txt
2015-01-01 09:04:26 ----D---- C:\Program Files\trend micro
2015-01-01 09:04:25 ----D---- C:\rsit
2015-01-01 00:23:22 ----D---- C:\Program Files (x86)\Google
======List of files/folders modified in the last 1 month======
2015-01-13 21:42:01 ----D---- C:\Program Files (x86)\Origin
2015-01-01 09:04:33 ----D---- C:\windows\Prefetch
2015-01-01 09:04:26 ----RD---- C:\Program Files
2015-01-01 09:03:56 ----D---- C:\windows\Temp
2015-01-01 09:03:17 ----D---- C:\windows\System32
2015-01-01 09:03:17 ----D---- C:\windows\inf
2015-01-01 09:03:17 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-01-01 08:58:03 ----D---- C:\windows\system32\config
2015-01-01 08:57:43 ----A---- C:\windows\SYSWOW64\log.txt
2015-01-01 08:57:29 ----D---- C:\ProgramData\HPQLOG
2015-01-01 01:53:06 ----SHD---- C:\System Volume Information
2015-01-01 00:30:24 ----SD---- C:\ProgramData\Microsoft
2015-01-01 00:23:26 ----RD---- C:\Program Files (x86)
2014-12-21 18:57:34 ----D---- C:\windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-12-16 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-12-16 15688]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-12-16 58184]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-11-02 1209856]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-06-29 3232768]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 86016]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-02-20 10300800]
R3 Impcd;Impcd; C:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 89216]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-03-17 505856]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-09 52736]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\windows\system32\DRIVERS\ewusbnet.sys [2010-08-31 256000]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2010-08-07 121600]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2010-12-02 19968]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-11-02 16896]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-09-29 249856]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-25 462088]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-19 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 30520]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service; C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [2010-03-17 244736]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-08-29 1028096]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 KMService;KMService; C:\windows\syswow64\srvany.exe [2003-04-18 8192]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-29 647680]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-09-08 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Prosím o kontrolu logu.
Jako antivir pouzivate McAfee? Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu.
No mam len to MaCafee 
# AdwCleaner v4.108 - Report created 01/01/2015 at 09:47:03
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Adela - ADELA-HP
# Running from : C:\Users\Adela\Downloads\adwcleaner_4.108.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\Premium
[!] Folder Deleted : C:\ProgramData\wxDownload
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload
[!] Folder Deleted : C:\windows\SysWOW64\Browser Manager
[!] Folder Deleted : C:\Users\Adela\AppData\LocalLow\BabylonToolbar
[!] Folder Deleted : C:\Users\Adela\AppData\LocalLow\wxDownload
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\BabSolution
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\Babylon
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\file scout
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\Updater
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
[!] Folder Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\emoemijeggdkkcajcaebpoddnacaobpk
File Deleted : C:\Users\Adela\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.babylon.com_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.royal-search.com_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : BitGuard
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\emoemijeggdkkcajcaebpoddnacaobpk
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5257d98bb13aef12
Key Deleted : HKLM\SOFTWARE\5257d98bb13aef12
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\filescout
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BrowserMngr
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{088DF54D-6FFC-8C91-02D5-A461DCC2E652}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ib.adnxs.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Google Chrome v
[C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=112477&tt=120912_cpc_3812_6&babsrc=SP_ss&mntrId=9a7b563c000000000000001e101f2b52
[C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=112477&tt=120912_cpc_3812_6&babsrc=SP_ss&mntrId=9a7b563c000000000000001e101f2b52
*************************
AdwCleaner[R0].txt - [6104 octets] - [01/01/2015 09:44:54]
AdwCleaner[S0].txt - [5427 octets] - [01/01/2015 09:47:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5487 octets] ##########
# AdwCleaner v4.108 - Report created 01/01/2015 at 09:47:03
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Adela - ADELA-HP
# Running from : C:\Users\Adela\Downloads\adwcleaner_4.108.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\Premium
[!] Folder Deleted : C:\ProgramData\wxDownload
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wxDownload
[!] Folder Deleted : C:\windows\SysWOW64\Browser Manager
[!] Folder Deleted : C:\Users\Adela\AppData\LocalLow\BabylonToolbar
[!] Folder Deleted : C:\Users\Adela\AppData\LocalLow\wxDownload
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\BabSolution
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\Babylon
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\file scout
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\Updater
[!] Folder Deleted : C:\Users\Adela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
[!] Folder Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Extensions\emoemijeggdkkcajcaebpoddnacaobpk
File Deleted : C:\Users\Adela\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.babylon.com_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.royal-search.com_0.localstorage-journal
File Deleted : C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : BitGuard
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\emoemijeggdkkcajcaebpoddnacaobpk
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5257d98bb13aef12
Key Deleted : HKLM\SOFTWARE\5257d98bb13aef12
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\filescout
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\BrowserMngr
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{088DF54D-6FFC-8C91-02D5-A461DCC2E652}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ib.adnxs.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17239
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Google Chrome v
[C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=112477&tt=120912_cpc_3812_6&babsrc=SP_ss&mntrId=9a7b563c000000000000001e101f2b52
[C:\Users\Adela\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=112477&tt=120912_cpc_3812_6&babsrc=SP_ss&mntrId=9a7b563c000000000000001e101f2b52
*************************
AdwCleaner[R0].txt - [6104 octets] - [01/01/2015 09:44:54]
AdwCleaner[S0].txt - [5427 octets] - [01/01/2015 09:47:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5487 octets] ##########
Re: Prosím o kontrolu logu.
McAfee je placeny, mate ho zakoupeny, nebo jen zkusebni verzi? Ja bych jej odinstaloval a dal tam Avast free. Ten je zadara a kvalitni, sam jej pouzivam uz radu let. Samozrejme vas nenutim, je to vase volba
Smeti je tam hodne, tak to bude chtit vetsi zasah
Postupujte podle navodu kolegy
Postupujte podle navodu kolegy
Smeti je tam hodne, tak to bude chtit vetsi zasah
Postupujte podle navodu kolegy
vyosek píše:
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Postupujte podle navodu kolegy
vyosek píše:
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Adela on çt 01. 01. 2015 at 10:03:07,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on çt 01. 01. 2015 at 10:06:26,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Adela on çt 01. 01. 2015 at 10:03:07,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{3134413B-49B4-425C-98A5-893C1F195601}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{395610AE-C624-4f58-B89E-23733EA00F9A}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7BA650CB-F59A-ADBE-4CFE-059D39A8C91B}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on çt 01. 01. 2015 at 10:06:26,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu logu.
A ten Zoek.exe mi nechce spustiť.
Re: Prosím o kontrolu logu.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu.
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 18. 1. 2015
Scan Time: 11:07:09
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.18.05
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Adela
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368727
Time Elapsed: 13 min, 37 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [edf02eca34551d198a078e3ff113ae52],
Registry Values: 1
PUP.Optional.BProtector, HKU\S-1-5-21-2485374108-2041942618-780395263-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, http://www.google.com, , [ad3064945039bd7983f2c91032d2d729]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 6
PUP.Optional.InstallRex, C:\Users\Adela\Downloads\FastDownload (1).exe, , [d30ac137c3c61026a096efdb857c728e],
PUP.Optional.InstallRex, C:\Users\Adela\Downloads\FastDownload.exe, , [e7f6dc1c2c5d69cdad898347ab561ee2],
Trojan.Agent.SFX, C:\Users\Adela\Downloads\Puzzle_osobnosť-reformátor..exe, , [db02ab4d1475290df9f856e86a9b4bb5],
Trojan.JSExt.Gen, C:\Users\Adela\Downloads\Video Player-v3-8.exe, , [eaf3ab4d1871ff3706c0c60c11f0d12f],
PUP.Optional.WXDownload.A, C:\Windows\System32\Tasks\WxDFastUpdaterTask{50177B09-8FD8-4502-9A74-CE328F4FB3BF}, , [7e5ff0088405d5617bba0094fb087e82],
PUP.Optional.WXDownload.A, C:\Windows\Tasks\WxDFastUpdaterTask{50177B09-8FD8-4502-9A74-CE328F4FB3BF}.job, , [ecf18e6a5c2dc2741d13821436cd9070],
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 18. 1. 2015
Scan Time: 11:07:09
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.18.05
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Adela
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368727
Time Elapsed: 13 min, 37 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [edf02eca34551d198a078e3ff113ae52],
Registry Values: 1
PUP.Optional.BProtector, HKU\S-1-5-21-2485374108-2041942618-780395263-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, http://www.google.com, , [ad3064945039bd7983f2c91032d2d729]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 6
PUP.Optional.InstallRex, C:\Users\Adela\Downloads\FastDownload (1).exe, , [d30ac137c3c61026a096efdb857c728e],
PUP.Optional.InstallRex, C:\Users\Adela\Downloads\FastDownload.exe, , [e7f6dc1c2c5d69cdad898347ab561ee2],
Trojan.Agent.SFX, C:\Users\Adela\Downloads\Puzzle_osobnosť-reformátor..exe, , [db02ab4d1475290df9f856e86a9b4bb5],
Trojan.JSExt.Gen, C:\Users\Adela\Downloads\Video Player-v3-8.exe, , [eaf3ab4d1871ff3706c0c60c11f0d12f],
PUP.Optional.WXDownload.A, C:\Windows\System32\Tasks\WxDFastUpdaterTask{50177B09-8FD8-4502-9A74-CE328F4FB3BF}, , [7e5ff0088405d5617bba0094fb087e82],
PUP.Optional.WXDownload.A, C:\Windows\Tasks\WxDFastUpdaterTask{50177B09-8FD8-4502-9A74-CE328F4FB3BF}.job, , [ecf18e6a5c2dc2741d13821436cd9070],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Prosím o kontrolu logu.
Vsechny nalezy hodte do karanteny.
Po restartu pc udelejte novou kontrolu, ale tentokrat opravdu se spravnym nastavenim, aby se kontroloval cely pocitac.
Vy jste dal totiz jen sken hrozeb - Threat Scan
Ja chtel vlastni sken (vsech disku) - Custom Scan
15.2. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975
Po restartu pc udelejte novou kontrolu, ale tentokrat opravdu se spravnym nastavenim, aby se kontroloval cely pocitac.
Vy jste dal totiz jen sken hrozeb - Threat Scan
Ja chtel vlastni sken (vsech disku) - Custom Scan
15.2. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?