Pomalý start PC, zamrzání Google Chrome
Napsal: 28 říj 2012 19:43
Dobrý den, PC se mi najednou začalo neuvěřitelně pomalu zapínat. Při surfování na internetu v Google Chrome se prohlížeč neustále seká a videa na YouTube jdou přehrát jen v režimu celé obrazovky. Jiné prohlížeče fungují normálně. Nepomohla reinstalace Chrome ani odstranění infekcí pomocí programu Spyware Terminator.
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by James at 19:37:36 on 2012-10-28
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4030.1539 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSMPENG.EXE
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PROTECTTOOLS SECURITY MANAGER\BIN\DPHOSTW.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HOTKEY SUPPORT\HPHOTKEYMONITOR.EXE
C:\PROGRAM FILES (X86)\CANON\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\PROGRAM FILES (X86)\PDF COMPLETE\PDFSVC.EXE
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\windows\system32\Dwm.exe
C:\WINDOWS\EXPLORER.EXE
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\NISSRV.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\Windows\System32\igfxpers.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\PROGRAM FILES (X86)\BLUETOOTH SUITE\BTVSTACK.EXE
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\FACEBOOK\MESSENGER\2.1.4651.0\FACEBOOKMESSENGER.EXE
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HOTKEY SUPPORT\QLBCONTROLLER.EXE
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE
C:\windows\system32\svchost.exe -k bthsvcs
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP QUICKWEB\HPQWUTILS.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPQWMIEX.EXE
C:\WINDOWS\SYSTEM32\WBEM\UNSECAPP.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSWOW64\WBEM\WMIPRVSE.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP POWER ASSISTANT\HPPA_MAIN.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP POWER ASSISTANT\HPPA_SERVICE.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HEALTH CHECK\HPHC_SERVICE.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP CONNECTION MANAGER\HPCONNECTIONMANAGER.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP CONNECTION MANAGER\HPCMSRV.EXE
C:\WINDOWS\SYSTEM32\SPPSVC.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\DRIVERS\SDKCOMSERVER.EXE
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.0\WPF\PRESENTATIONFONTCACHE.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\DRIVERS\PDISDKHELPERX64.EXE
C:\WINDOWS\SYSTEM32\IGFXEXT.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPCASLNOTIFICATION.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\WINDOWS\SYSTEM32\IGFXSRVC.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\CONHOST.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\CSCRIPT.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com?pc=CMNTDF
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [Google Update] "C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [GoogleChromeAutoLaunch_6B06BCEFC97BCF192292AD16DB5D7A73] "C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [AdobeBridge] <no file>
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [GoogleUpdate] C:\Users\James\AppData\Roaming\Updates\GoogleUpdate.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
StartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\James\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
StartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VEZYOB~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\35550525F4D2E45445D235452554C4E41433 : DHCPNameServer = 10.73.52.2
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\35C45534841445B4F4 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\35C65736861647B6F6 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\A5978554C4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\D474D26537564796E6022433 : DHCPNameServer = 212.111.0.10 194.213.32.237
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\D474D26537564796E6029434 : DHCPNameServer = 212.111.0.10 194.213.32.237
TCP: Interfaces\{783BB13B-EB0C-4FA4-BD92-75D30AF30979} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = EpePcNp64 DPPassFilter scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-mStart Page = hxxp://www.bing.com?pc=CMNTDF
x64-mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
x64-Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\49a4vg7n.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\James\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\James\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2011-2-9 168008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-8-22 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-3-28 203264]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-1-6 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-1-6 53920]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-1-27 131128]
R2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-1-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-29 94264]
R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-2-7 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-1-28 281656]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2011-1-26 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-22 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-2-9 1318912]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-8-23 625816]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-5-12 1127448]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-5-12 113264]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\windows\System32\drivers\stflt.sys [2012-10-27 51496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-10-27 1148664]
R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2012-8-22 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-22 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2011-1-21 3154224]
R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atikmdag.sys [2011-3-28 9319424]
R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2011-3-28 303616]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2012-8-22 32192]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2011-1-6 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2011-1-6 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2011-1-6 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2011-1-6 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2011-1-6 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2011-1-6 154272]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-1-6 279200]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-4-5 1094712]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2011-1-27 12273408]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-1-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-5-12 406632]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-23 116648]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2011-3-7 62184]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-23 250808]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2011-2-7 63336]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2011-2-3 464480]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-23 116648]
S3 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-1-12 36864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-23 115168]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 StorSvc;Služba úložiště;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-8-24 59392]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-24 1255736]
.
=============== File Associations ===============
.
ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2012-10-28 18:26:07 -------- d-sh--w- C:\found.000
2012-10-27 18:48:53 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13BA6A6A-F263-483B-A45F-5DA1A5CCDDA2}\offreg.dll
2012-10-27 18:19:41 972192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F24F1C9E-3028-421C-B795-B5531CB4B9D1}\gapaengine.dll
2012-10-27 18:19:37 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13BA6A6A-F263-483B-A45F-5DA1A5CCDDA2}\mpengine.dll
2012-10-27 18:13:50 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-10-27 18:13:48 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-10-27 16:53:45 9309624 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-10-27 16:53:40 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABBAA1DF-C856-4D46-AAC5-ED8D96CDAAD0}\mpengine.dll
2012-10-27 16:50:17 51496 ----a-w- C:\windows\System32\drivers\stflt.sys
2012-10-27 16:50:17 -------- d-----w- C:\Users\James\AppData\Roaming\Spyware Terminator
2012-10-27 16:50:17 -------- d-----w- C:\ProgramData\Spyware Terminator
2012-10-27 16:48:39 -------- d-----w- C:\Program Files (x86)\Spyware Terminator
2012-10-26 15:28:27 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-26 15:28:27 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-25 21:41:49 0 ----a-w- C:\windows\SysWow64\sho274F.tmp
2012-10-24 20:58:54 0 ----a-w- C:\windows\SysWow64\sho9803.tmp
2012-10-13 17:53:01 -------- d-----w- C:\Users\James\AppData\Roaming\PLAYPC
2012-10-10 13:15:28 -------- d-----w- C:\Users\James\AppData\Local\Facebook
2012-10-10 13:05:57 715776 ----a-w- C:\windows\System32\kerberos.dll
2012-10-10 13:05:57 542208 ----a-w- C:\windows\SysWow64\kerberos.dll
2012-10-10 13:05:55 1464320 ----a-w- C:\windows\System32\crypt32.dll
2012-10-10 13:05:54 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-10-10 13:05:54 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-10-10 13:05:54 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-10-10 13:05:54 1159680 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-10-10 13:05:54 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-09-29 12:21:27 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-09-29 12:18:25 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-09-29 12:10:06 -------- d-----w- C:\Users\James\AppData\Roaming\Oxford Student's Czech
2012-09-29 12:06:09 -------- d-----w- C:\Program Files (x86)\Common Files\Lingea Shared
2012-09-29 12:00:53 -------- d-----w- C:\Program Files (x86)\Oxford
.
==================== Find3M ====================
.
2012-10-09 14:24:21 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 14:24:21 696760 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-09-03 18:54:29 0 ----a-w- C:\windows\SysWow64\sho65BE.tmp
2012-09-02 20:43:25 0 ----a-w- C:\windows\SysWow64\sho2927.tmp
2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2012-08-30 20:03:48 228768 ----a-w- C:\windows\System32\drivers\MpFilter.sys
2012-08-30 20:03:48 128456 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-08-29 08:56:46 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2012-08-29 08:56:45 175616 ----a-w- C:\windows\System32\msclmd.dll
2012-08-24 18:05:07 220160 ----a-w- C:\windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-08-22 22:38:33 0 ----a-w- C:\windows\ativpsrm.bin
2012-08-22 18:12:50 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-08-22 14:46:53 3120 ----a-w- C:\windows\SysWow64\drivers\wdegfac.sys
2012-08-21 21:01:00 245760 ----a-w- C:\windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-02 17:58:52 574464 ----a-w- C:\windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll
.
============= FINISH: 19:39:00,45 ===============
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by James at 19:37:36 on 2012-10-28
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4030.1539 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSMPENG.EXE
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP PROTECTTOOLS SECURITY MANAGER\BIN\DPHOSTW.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HOTKEY SUPPORT\HPHOTKEYMONITOR.EXE
C:\PROGRAM FILES (X86)\CANON\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
C:\PROGRAM FILES (X86)\PDF COMPLETE\PDFSVC.EXE
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\windows\system32\Dwm.exe
C:\WINDOWS\EXPLORER.EXE
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\NISSRV.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SYSTEM32\IGFXTRAY.EXE
C:\WINDOWS\SYSTEM32\HKCMD.EXE
C:\Windows\System32\igfxpers.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\PROGRAM FILES (X86)\BLUETOOTH SUITE\BTVSTACK.EXE
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\FACEBOOK\MESSENGER\2.1.4651.0\FACEBOOKMESSENGER.EXE
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HOTKEY SUPPORT\QLBCONTROLLER.EXE
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE
C:\windows\system32\svchost.exe -k bthsvcs
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP QUICKWEB\HPQWUTILS.EXE
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\DRIVE\GOOGLEDRIVESYNC.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPQWMIEX.EXE
C:\WINDOWS\SYSTEM32\WBEM\UNSECAPP.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSWOW64\WBEM\WMIPRVSE.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP POWER ASSISTANT\HPPA_MAIN.EXE
C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP POWER ASSISTANT\HPPA_SERVICE.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP HEALTH CHECK\HPHC_SERVICE.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP CONNECTION MANAGER\HPCONNECTIONMANAGER.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORDATAMGRSVC.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\LMS\LMS.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\HP CONNECTION MANAGER\HPCMSRV.EXE
C:\WINDOWS\SYSTEM32\SPPSVC.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\DRIVERS\SDKCOMSERVER.EXE
C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.0\WPF\PRESENTATIONFONTCACHE.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\PORTRAIT DISPLAYS\DRIVERS\PDISDKHELPERX64.EXE
C:\WINDOWS\SYSTEM32\IGFXEXT.EXE
C:\PROGRAM FILES (X86)\HEWLETT-PACKARD\SHARED\HPCASLNOTIFICATION.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\WINDOWS\SYSTEM32\IGFXSRVC.EXE
C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\UNS\UNS.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
C:\USERS\JAMES\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\CONHOST.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\CSCRIPT.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com?pc=CMNTDF
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mURLSearchHooks: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: uTorrentControl_v2 Toolbar: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [Google Update] "C:\Users\James\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [GoogleChromeAutoLaunch_6B06BCEFC97BCF192292AD16DB5D7A73] "C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [AdobeBridge] <no file>
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
mRun: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [GoogleUpdate] C:\Users\James\AppData\Roaming\Updates\GoogleUpdate.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
StartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\James\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe
StartupFolder: C:\Users\James\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VEZYOB~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\35550525F4D2E45445D235452554C4E41433 : DHCPNameServer = 10.73.52.2
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\35C45534841445B4F4 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\35C65736861647B6F6 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\A5978554C4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\D474D26537564796E6022433 : DHCPNameServer = 212.111.0.10 194.213.32.237
TCP: Interfaces\{0307E1D2-B260-41F7-B323-075A26128F11}\D474D26537564796E6029434 : DHCPNameServer = 212.111.0.10 194.213.32.237
TCP: Interfaces\{783BB13B-EB0C-4FA4-BD92-75D30AF30979} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = EpePcNp64 DPPassFilter scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-mStart Page = hxxp://www.bing.com?pc=CMNTDF
x64-mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
x64-Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\49a4vg7n.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\James\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
FF - plugin: C:\Users\James\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2011-2-9 168008]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-8-22 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-3-28 203264]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-1-6 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-1-6 53920]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-1-27 131128]
R2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-1-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-29 94264]
R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-2-7 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-1-28 281656]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2011-1-26 30520]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-22 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-2-9 1318912]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]
R2 PanService;PandoraService;C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-8-23 625816]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-5-12 1127448]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-5-12 113264]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\windows\System32\drivers\stflt.sys [2012-10-27 51496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-10-27 1148664]
R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2012-8-22 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-22 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2011-1-21 3154224]
R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atikmdag.sys [2011-3-28 9319424]
R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2011-3-28 303616]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2012-8-22 32192]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2011-1-6 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2011-1-6 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2011-1-6 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2011-1-6 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2011-1-6 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2011-1-6 154272]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-1-6 279200]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-4-5 1094712]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2011-1-27 12273408]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-1-31 174168]
R3 MEIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-10-20 56344]
R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-5-12 406632]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-23 116648]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2011-3-7 62184]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-23 250808]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2011-2-7 63336]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2011-2-3 464480]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-23 116648]
S3 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2011-1-12 36864]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-23 115168]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 StorSvc;Služba úložiště;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-8-24 59392]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2012-8-24 1255736]
.
=============== File Associations ===============
.
ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2012-10-28 18:26:07 -------- d-sh--w- C:\found.000
2012-10-27 18:48:53 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13BA6A6A-F263-483B-A45F-5DA1A5CCDDA2}\offreg.dll
2012-10-27 18:19:41 972192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F24F1C9E-3028-421C-B795-B5531CB4B9D1}\gapaengine.dll
2012-10-27 18:19:37 9291768 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13BA6A6A-F263-483B-A45F-5DA1A5CCDDA2}\mpengine.dll
2012-10-27 18:13:50 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-10-27 18:13:48 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-10-27 16:53:45 9309624 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-10-27 16:53:40 9291768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ABBAA1DF-C856-4D46-AAC5-ED8D96CDAAD0}\mpengine.dll
2012-10-27 16:50:17 51496 ----a-w- C:\windows\System32\drivers\stflt.sys
2012-10-27 16:50:17 -------- d-----w- C:\Users\James\AppData\Roaming\Spyware Terminator
2012-10-27 16:50:17 -------- d-----w- C:\ProgramData\Spyware Terminator
2012-10-27 16:48:39 -------- d-----w- C:\Program Files (x86)\Spyware Terminator
2012-10-26 15:28:27 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-26 15:28:27 157272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-25 21:41:49 0 ----a-w- C:\windows\SysWow64\sho274F.tmp
2012-10-24 20:58:54 0 ----a-w- C:\windows\SysWow64\sho9803.tmp
2012-10-13 17:53:01 -------- d-----w- C:\Users\James\AppData\Roaming\PLAYPC
2012-10-10 13:15:28 -------- d-----w- C:\Users\James\AppData\Local\Facebook
2012-10-10 13:05:57 715776 ----a-w- C:\windows\System32\kerberos.dll
2012-10-10 13:05:57 542208 ----a-w- C:\windows\SysWow64\kerberos.dll
2012-10-10 13:05:55 1464320 ----a-w- C:\windows\System32\crypt32.dll
2012-10-10 13:05:54 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-10-10 13:05:54 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-10-10 13:05:54 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-10-10 13:05:54 1159680 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-10-10 13:05:54 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-09-29 12:21:27 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-09-29 12:18:25 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-09-29 12:10:06 -------- d-----w- C:\Users\James\AppData\Roaming\Oxford Student's Czech
2012-09-29 12:06:09 -------- d-----w- C:\Program Files (x86)\Common Files\Lingea Shared
2012-09-29 12:00:53 -------- d-----w- C:\Program Files (x86)\Oxford
.
==================== Find3M ====================
.
2012-10-09 14:24:21 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 14:24:21 696760 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-09-14 19:19:29 2048 ----a-w- C:\windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-09-03 18:54:29 0 ----a-w- C:\windows\SysWow64\sho65BE.tmp
2012-09-02 20:43:25 0 ----a-w- C:\windows\SysWow64\sho2927.tmp
2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2012-08-30 20:03:48 228768 ----a-w- C:\windows\System32\drivers\MpFilter.sys
2012-08-30 20:03:48 128456 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-08-29 08:56:46 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2012-08-29 08:56:45 175616 ----a-w- C:\windows\System32\msclmd.dll
2012-08-24 18:05:07 220160 ----a-w- C:\windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-08-22 22:38:33 0 ----a-w- C:\windows\ativpsrm.bin
2012-08-22 18:12:50 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-08-22 14:46:53 3120 ----a-w- C:\windows\SysWow64\drivers\wdegfac.sys
2012-08-21 21:01:00 245760 ----a-w- C:\windows\System32\OxpsConverter.exe
2012-08-20 18:48:44 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-02 17:58:52 574464 ----a-w- C:\windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll
.
============= FINISH: 19:39:00,45 ===============